11 matches found
CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...
CVE-2022-28006
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employeedelete.php...
PT-2024-36535 · Unknown · Codeastro Complaint Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Complaint Management System version 1.0. Description: The issue allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the "delete.php" component. This is a result of a SQL injection...
ROS-20240627-06
A vulnerability in the Calendar component of cloud storage creation and utilization software Nextcloud Server is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information. Vulnerability in the 2FA component...
CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...
Online Book Store Security Breach
Online Book Store is an online bookstore by the individual developer Arvin Arandilla. A security vulnerability exists in Online Book Store v1.0, which originates from a SQL injection vulnerability that allows local attackers to execute arbitrary code via the admindelete.php component...
PT-2024-27782 · Unknown · Online-Bookstore-Project-In-Php
Name of the Vulnerable Software and Affected Versions: Online-Bookstore-Project-In-PHP version 1.0. Description: The issue allows a local attacker to execute arbitrary code via the admin delete.php component. This is due to a SQL Injection vulnerability. Recommendations: For...
CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...
CVE-2024-37848
CVE-2024-37848 corresponds to a SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 that allows a local attacker to execute arbitrary code via admin_delete.php. Affected component is admin_delete.php; root cause is SQL injection leading to full impact (confidentiality, integrity, ...
PT-2023-9524 · Openlink +4 · Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9. Description: The issue is related to the dk set delete component of the Virtuoso-opensource platform, which is associated with the incorrect neutralization of special elements used in SQL commands...
CVE-2022-28010
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\overtimedelete.php...