Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3898 matches found

Prion
Prionadded 2022/11/22 9:15 p.m.15 views

Sql injection

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the id parameter at \admin\postcomments.php. This vulnerability allows attackers to access database information...

3.3CVSS5.5AI score0.00809EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/11/22 12:0 a.m.6 views

CVE-2022-45535

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php. This vulnerability allows attackers to access database information...

5.4AI score0.00775EPSS
Exploits1References2
Cvelist
Cvelistadded 2022/11/22 12:0 a.m.28 views

CVE-2022-45330

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. This vulnerability allows attackers to access database information...

7.9AI score0.00772EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2022/11/22 12:0 a.m.9 views

CVE-2022-45330

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. This vulnerability allows attackers to access database information...

7.7AI score0.00772EPSS
Exploits1References2
Cvelist
Cvelistadded 2022/11/22 12:0 a.m.24 views

CVE-2022-45535

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php. This vulnerability allows attackers to access database information...

5.7AI score0.00775EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2022/11/22 12:0 a.m.5 views

PT-2022-27469 · Aerocms · Aerocms

Name of the Vulnerable Software and Affected Versions: AeroCMS version 0.0.1 Description: The issue allows attackers to access database information through a SQL Injection vulnerability via the Category parameter at the "category.php" endpoint. This vulnerability enables unauthorized access to...

7.5CVSS7.9AI score0.00772EPSS
Exploits1References7
Cvelist
Cvelistadded 2022/11/22 12:0 a.m.24 views

CVE-2022-45529

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the postcategoryid parameter at \admin\includes\editpost.php. This vulnerability allows attackers to access database information...

5.7AI score0.00745EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2022/11/22 12:0 a.m.6 views

CVE-2022-45529

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the postcategoryid parameter at \admin\includes\editpost.php. This vulnerability allows attackers to access database information...

5.4AI score0.00745EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/11/22 12:0 a.m.5 views

AeroCMS SQL注入漏洞

AeroCMS is a content management system from the American company AeroCMS. AeroCMS version v0.0.1 suffers from a security vulnerability that stems from the pid parameter of its post.php component that allows an attacker to implement a SQL injection resulting in access to database information...

7.5CVSS7.5AI score0.00772EPSS
Exploits1References3
Cvelist
Cvelistadded 2022/11/22 12:0 a.m.27 views

CVE-2022-45536

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the id parameter at \admin\postcomments.php. This vulnerability allows attackers to access database information...

5.7AI score0.00809EPSS
Exploits1References2
CVE
CVEadded 2022/11/22 12:0 a.m.62 views

CVE-2022-45330

CVE-2022-45330 concerns AeroCMS v0.0.1, where a SQL injection is exposed via the Category parameter in the category.php endpoint. The vulnerability could allow an attacker to access database information. Multiple sources confirm the issue, all describing the same vector without stating an officia...

7.5CVSS7.6AI score0.00772EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2022/11/15 9:15 p.m.12 views

CVE-2020-12507

In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS...

8.8CVSS0.00689EPSS
Exploits0References1
OSV
OSVadded 2022/11/15 9:15 p.m.4 views

CVE-2020-12507

In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS...

8.8CVSS5.8AI score0.00689EPSS
Exploits0References1
Prion
Prionadded 2022/11/15 9:15 p.m.11 views

Sql injection

In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS...

6.5CVSS8.9AI score0.00689EPSS
Exploits0References1
OSV
OSVadded 2022/11/15 1:15 p.m.21 views

CVE-2022-40308

If anonymous read enabled, it's possible to read the database file directly without logging in...

7.5CVSS7.4AI score
Exploits0References2
CNNVD
CNNVDadded 2022/11/15 12:0 a.m.7 views

s::can moni::tools SQL注入漏洞

s::can moni::tools is a platform from s::can for managing a virtually unlimited number of sites, online probes, analyzers and parameters. A SQL injection vulnerability exists in versions of s::can moni::tools prior to 4.2, which originates from an authenticated attacker being able to gain full...

8.8CVSS8.2AI score0.00689EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2022/11/08 12:0 a.m.3 views

PT-2022-6952 · Unknown · Qms Automotive

Name of the Vulnerable Software and Affected Versions: QMS Automotive versions prior to V12.39 Description: The issue is related to the storage of critical information in plaintext, which could allow a remote attacker to disclose user credentials. This may enable the attacker to gain access to...

9.1CVSS7.4AI score0.00317EPSS
Exploits0References6
CVE
CVEadded 2022/11/07 9:39 a.m.50 views

CVE-2020-12507

Summary: CVE-2020-12507 affects s::can moni::tools prior to version 4.2. An authenticated attacker could trigger a SQL injection to gain full access to the database, with potential impacts to confidentiality, integrity, and availability. The Red Hat, NVD, CVE List, and other entries concur on the...

8.8CVSS9AI score0.00689EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2022/11/07 9:39 a.m.18 views

CVE-2020-12507 s::can moni::tools autheticated SQL injection

In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS...

8.8CVSS9AI score0.00689EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2022/11/07 12:0 a.m.4 views

PT-2022-8325 · Unknown · S::Can Moni::Tools

Name of the Vulnerable Software and Affected Versions: s::can moni::tools versions prior to 4.2 Description: The issue allows an authenticated attacker to gain full access to the database through SQL injection, potentially resulting in loss of confidentiality, loss of integrity, and Denial of...

8.8CVSS8.8AI score0.00689EPSS
Exploits0References3
Rows per page
Query Builder