15 matches found
CVE-2018-25171
EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the admin/editsource endpoint with crafted SQL UNION statements to extract database...
CVE-2018-25171 EdTv 2 SQL Injection via id Parameter
EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the admin/editsource endpoint with crafted SQL UNION statements to extract database...
CVE-2018-25171
EdTv 2 contains an SQL injection vulnerability exploitable by unauthenticated attackers via the id parameter in GET requests to admin/edit_source, enabling extraction of database information (schemas, credentials, version). The issue is triggered by crafted SQL UNION statements. Public references...
CVE-2018-25171 EdTv 2 SQL Injection via id Parameter
EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the admin/editsource endpoint with crafted SQL UNION statements to extract database...
EdTv Code Issue Vulnerability
EdTv is an online video publishing platform operated by EdTv Corporation. Version 2 of EdTv has a code vulnerability; this vulnerability stems from SQL injection in the id parameter within the admin/editsource section, which may allow for the execution of arbitrary SQL queries and the extraction ...
Apache InLong Security Vulnerability
Apache InLong is a one-stop massive data integration framework from the Apache Foundation (United States). A security bypass vulnerability exists in Apache InLong versions 1.4.0 through 1.6.0, which can be exploited by an attacker to delete, edit, stop, and start another person's source...
Cross-site Scripting (XSS)
microweber/microweber is vulnerable to cross-site scripting. An attacker can inject and execute malicious JavaScript through the Edit source option in the endpoint URL by navigating to the malicious URLs...
Epicor CRS Retail Source File Manipulation Local Command Execution Vulnerability
Epicor CRS Retail is a retail solution. Epicor CRS Retail has a security vulnerability that allows a local attacker to edit program source files and execute arbitrary commands...
Pre News Manager <= 1.0 (index.php id) SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Pre News Manager <= 1.0 index.php id SQL Injection Vulnerability...
Maian Uploader v4.0 XSS Vulnerabilities
Script: Maian Uploader v4.0; Type: XSS Vulnerabilities; Discovered by: Khashayar Fereidani Or Dr.Crash; Our Team: IRCRASH...
Maian Links v3.1 XSS Vulnerabilities
Script: Maian Links v3.1; Type: XSS Vulnerabilities; Discovered by: Khashayar Fereidani Or Dr.Crash; Our Team: IRCRASH...
Maian Support v1.3 Xss Vulnerabilities
Script: Maian Support v1.3; Type: Xss Vulnerabilities; Discovered by: Khashayar Fereidani Or Dr.Crash; Our Team: IRCRASH...
Path Disclosure and Arbitrary File Read Vulnerability in SLAB5000
Description: SLAB500 is a complete, dynamic, modular web-system designed to your specifications, allowing you to quickly and conveniently update all your content, add new pages, upload images, sounds and video from any browser, via our front-end interface from any location that you have web access...
[SA17218] PHP-Nuke NukeFixes Addon "file" Local File Inclusion Vulnerability
TITLE: PHP-Nuke NukeFixes Addon "file" Local File Inclusion Vulnerability; SECUNIA ADVISORY ID: SA17218; VERIFY ADVISORY: http://secunia.com/advisories/17218/; CRITICAL: Moderately critical; IMPACT: Exposure of sensitive information; WHERE: From remote; SOFTWARE: NukeFixes 3.x addon for PHP-Nuke...
[SA15297] Quick.Cart "sWord" Cross-Site Scripting Vulnerability
TITLE: Quick.Cart "sWord" Cross-Site Scripting Vulnerability...