Lucene search
K

10 matches found

EUVD
EUVD
added 2026/04/14 6:30 p.m.6 views

EUVD-2026-22301

A Broken Object-Level Authorization BOLA in the /Controllers/Lead/LeadController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any lead owned by other users via supplying a crafted GET request...

8.1CVSS5.8AI score0.00351EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2026/01/02 4:27 p.m.14 views

CVE-2025-14428

The All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs - My Sticky Elements plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'mystickyelementsbulks' function in all versions up to, and including, 2.3.3. This...

4.3CVSS5AI score0.00261EPSS
Exploits0References1
OSV
OSV
added 2024/08/12 1:38 p.m.4 views

CVE-2024-7643

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

9.8CVSS5.7AI score0.00891EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.6 views

SourceCodester Leads Manager Tool SQL注入漏洞

SourceCodester Leads Manager Tool is a Leads Management Tool from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Leads Manager Tool version 1.0, which originates from a SQL injection vulnerability in the Delete Leads Handler component on the /endpoint/delete-leads.php...

9.8CVSS7AI score0.00891EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/08/09 3:0 p.m.31 views

CVE-2024-7643 SourceCodester Leads Manager Tool Delete Leads delete-leads.php sql injection

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

6.5CVSS0.00891EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/08/09 3:0 p.m.13 views

CVE-2024-7643 SourceCodester Leads Manager Tool Delete Leads delete-leads.php sql injection

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

6.5CVSS7.3AI score0.00891EPSS
Exploits1References4
CVE
CVE
added 2024/08/09 3:0 p.m.48 views

CVE-2024-7643

SourceCodester Leads Manager Tool 1.0 contains a SQL injection vulnerability in the Delete Leads Handler, specifically the file /endpoint/delete-leads.php where the leads argument is vulnerable. Exploitation can be remote, and the exploit has been disclosed publicly. Multiple connected sources co...

9.8CVSS6.8AI score0.00891EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/09 12:0 a.m.5 views

PT-2024-38475 · Sourcecodester · Sourcecodester Leads Manager Tool

Name of the Vulnerable Software and Affected Versions: SourceCodester Leads Manager Tool version 1.0 Description: A critical issue was found in the Delete Leads Handler component, specifically in the file /endpoint/delete-leads.php. The leads argument is vulnerable to SQL injection, which can be...

9.8CVSS6.8AI score0.00891EPSS
Exploits1References5
OSV
OSV
added 2022/04/25 4:16 p.m.4 views

CVE-2022-0657

The 5 Stars Rating Funnel WordPress Plugin | RRatingg WordPress plugin before 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtnggdeleteleads AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection...

9.8CVSS5.8AI score0.01743EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/04/25 4:16 p.m.7 views

CVE-2022-0657

The 5 Stars Rating Funnel WordPress Plugin | RRatingg WordPress plugin before 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtnggdeleteleads AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection...

9.8CVSS7.9AI score0.01743EPSS
Exploits2References2
Rows per page
Query Builder