CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

NVD•added 2024/06/18 7:16 p.m.•14 views

CVE-2024-37791

DuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability via the keyword parameter at /article/Content/index?classid...

6CVSS0.02692EPSS

Exploits1References2

OSV•added 2024/06/18 7:16 p.m.•2 views

CVE-2024-37791

DuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability via the keyword parameter at /article/Content/index?classid...

6CVSS5.8AI score0.02692EPSS

Exploits1References2

Vulnrichment•added 2024/06/18 12:0 a.m.•15 views

CVE-2024-37791

DuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability via the keyword parameter at /article/Content/index?classid...

8.3AI score0.02692EPSS

Exploits1References2

Cvelist•added 2024/06/18 12:0 a.m.•17 views

CVE-2024-37791

DuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability via the keyword parameter at /article/Content/index?classid...

0.02692EPSS

Exploits1References2

CVE•added 2024/06/18 12:0 a.m.•46 views

CVE-2024-37791

DuxCMS3.1.3 is vulnerable to SQL injection via the keyword parameter in /article/Content/index?class_id. The connected exploit details show time-based blind injection using LIKE and unfiltered $value, with payloads that retrieve database name and can delay execution (sleep(1/3)) to confirm exploi...

6CVSS8.3AI score0.02692EPSS

Exploits1References2

Positive Technologies•added 2024/06/18 12:0 a.m.•4 views

PT-2024-27753 · Duxcms3 · Duxcms3

Name of the Vulnerable Software and Affected Versions: DuxCMS3 version 3.1.3 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the keyword parameter at the "/article/Content/index?class id" API endpoint. Recommendations: For DuxCMS3 versio...

6CVSS7.4AI score0.02692EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by