Lucene search

207 matches found

exploitpack
added 2017/07/28 12:0 a.m., 13 views

VehicleWorkshop - SQL Injection

Exploit Title: VehicleWorkshop SQL Injection; Date: 07.28.2017; Exploit Author: Shahab Shamsi; Vendor Homepage: https://github.com/spiritson/VehicleWorkshop; Tested on: Windows; Google Dork: N/A; Vulnerable Page: /viewvehiclestoremore.php ...

AI score: 0.4
Exploits: 0
CNVD
added 2017/07/19 12:0 a.m., 2 views

REDCap File Repository and File Upload Component Cross-Site Request Forgery Vulnerability

REDCap is a free, secure, web-based application. It is designed to support data mining research. File Repository and File Upload are among the components. File Repository is a file storage component; File Upload is a file upload component. A cross-site request forgery vulnerability exists in the...

CVSS: 8.8 | AI score: 8.9 | EPSS: 0.00134
Exploits: 0 | References: 1
OSV
added 2017/02/03 3:59 p.m., 0 views

DEBIAN-CVE-2016-4570

The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.00333
Exploits: 0 | References: 1
seebug.org
added 2015/01/07 12:0 a.m., 17 views

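PHPB2B SQL injection at a certain location #6

Brief description: PHPB2B SQL injection at a certain location, #6. Details: latest version downloaded from the official site, virtual-office/favor.php, lines 1-24: `Execute($sql); if (!$res) flash("actionfailed"); $ids = implode(",", $_POST['id']); $ids = "".$ids."";` If an array is passed in, it is joined with commas, and with no single-quote protection it can be injected directly, regardless of GPC. This is a DELETE-type statement, so time-delay injection can be used. Demonstration: before injecting, add a favorite to make sure a record exists in the table. First access the page without any parameters. localhost/phpb2b/virtual-office/favor.php...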

AI score: 6.9
Exploits: 0
seebug.org
added 2014/01/09 12:0 a.m., 21 views

TCCMS SQL injection vulnerability 3 (blind injection, of limited use)

Brief description: TCCMS SQL injection vulnerability 3, blind injection. Details: when deleting an article, in app/controller/news.class.php: `public function delete() { $Obj = M($this->objName); $newsObj = M("content"); $msgObj = new Msg; $id = $_GET['id']; $idAry = $_POST['id']; // injection $idStr = count($idAry) == 0 ? intval($id) : implode(",", $idAry); $newIdAry = explode(",", $idStr); $idSize =...`

AI score: 7
Exploits: 0
OSV
added 2009/12/23 6:30 p.m., 2 views

DEBIAN-CVE-2009-3582

Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operation...

CVSS: 6.5 | AI score: 8.6 | EPSS: 0.00529
Exploits: 2 | References: 1
FreeBSD
added 2004/07/21 12:0 a.m., 9 views

moinmoin -- ACL group bypass

The moinmoin package contains two bugs with ACLs and anonymous users. Both bugs may permit anonymous users to gain access to administrative functions; for example the delete function. There is no known workaround, the vulnerability exists regardless if a site is using ACLs or not...

AI score: 6.5
Exploits: 0 | References: 4