Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13 matches found

NVD
NVDadded 2014/10/20 3:55 p.m.13 views

CVE-2012-5865

SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action...

6.5CVSS7.7AI score0.01008EPSS
Exploits6References5
Prion
Prionadded 2014/10/20 3:55 p.m.18 views

Sql injection

SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action...

6.5CVSS8.4AI score0.01008EPSS
Exploits6References5Affected Software1
Cvelist
Cvelistadded 2014/10/20 3:0 p.m.13 views

CVE-2012-5865

SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action...

7.7AI score0.01008EPSS
Exploits6References5
CVE
CVEadded 2014/10/20 3:0 p.m.52 views

CVE-2012-5865

CVE-2012-5865 concerns Achievo 1.4.5 where a SQL injection flaw exists in the dispatch.php script via the GET parameter activityid in the stats action. The vulnerability can be exploited by remote authenticated users to inject arbitrary SQL commands into the database, with the PoC indicating the ...

6.5CVSS7.9AI score0.01008EPSS
Exploits6References5Affected Software1
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.42 views

Achievo <= 1.3.4 - SQL Injection

No description provided by source. Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL:...

7.5CVSS6.5AI score0.00439EPSS
Exploits7
NVD
NVDadded 2009/10/16 4:30 p.m.10 views

CVE-2009-2733

Multiple cross-site scripting XSS vulnerabilities in Achievo before 1.4.0 allow remote attackers to inject arbitrary web script or HTML via 1 the scheduler title in the scheduler module, and the 2 atksearchcontractnumber, 3 atksearchAEcustomercustomer, 4 atksearchmodecontracttype, and possibly 5...

4.3CVSS5.8AI score0.05471EPSS
Exploits7References9
Prion
Prionadded 2009/10/16 4:30 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Achievo before 1.4.0 allow remote attackers to inject arbitrary web script or HTML via 1 the scheduler title in the scheduler module, and the 2 atksearchcontractnumber, 3 atksearchAEcustomercustomer, 4 atksearchmodecontracttype, and possibly 5...

4.3CVSS6.1AI score0.05471EPSS
Exploits7References9Affected Software1
Prion
Prionadded 2009/10/16 4:30 p.m.9 views

Sql injection

SQL injection vulnerability in the getemployee function in classweekreport.inc in Achievo before 1.4.0 allows remote attackers to execute arbitrary SQL commands via the userid parameter aka userid variable to dispatch.php...

7.5CVSS8.9AI score0.00439EPSS
Exploits7References7Affected Software1
Cvelist
Cvelistadded 2009/10/16 4:0 p.m.23 views

CVE-2009-2734

SQL injection vulnerability in the getemployee function in classweekreport.inc in Achievo before 1.4.0 allows remote attackers to execute arbitrary SQL commands via the userid parameter aka userid variable to dispatch.php...

8.2AI score0.00439EPSS
Exploits7References7
securityvulns
securityvulnsadded 2009/10/14 12:0 a.m.51 views

[BONSAI] SQL Injection in Achievo

Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-sql-injection-0102.txt Date published:...

7.5CVSS7.4AI score0.00439EPSS
Exploits7
Packet Storm
Packet Stormadded 2009/10/14 12:0 a.m.46 views

Achievo SQL Injection

Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-sql-injection-0102.txt Date published:...

7.5CVSS0.6AI score0.00439EPSS
Exploits7
Prion
Prionadded 2009/02/03 11:30 a.m.8 views

Cross site scripting

Cross-site scripting XSS vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter...

4.3CVSS6.1AI score0.00254EPSS
Exploits1References3Affected Software1
Prion
Prionadded 2009/02/03 11:30 a.m.7 views

Cross site scripting

Cross-site scripting XSS vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the atkaction parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.00505EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder