Lucene search
K

283 matches found

OSV
OSV
added 2022/11/30 12:15 p.m.3 views

CVE-2022-4228

A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsmsci/index.php/user/edituser/. The manipulation of the argument password leads to information disclosure. It is possible to initiate the attack...

7.5CVSS5AI score0.01211EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/09/30 2:4 p.m.31 views

CVE-2022-41439

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php...

7.5AI score0.00726EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/09/30 2:4 p.m.6 views

CVE-2022-41439

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php...

7.2AI score0.00726EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/09/30 12:0 a.m.5 views

Billing System Project SQL注入漏洞

Billing System Project is a billing system project by Mayuri K. Individual Developer. Billing System Project v1.0 has a SQL injection vulnerability that stems from the id parameter in /phpinventory/edituser.php found to contain a SQL injection vulnerability...

7.2CVSS7.2AI score0.00726EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/09/15 2:15 a.m.3 views

CVE-2022-38595

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edituser.php...

7.2CVSS5.8AI score0.00734EPSS
Exploits1References2
OSV
OSV
added 2022/09/15 2:15 a.m.2 views

CVE-2022-38595

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edituser.php...

7.2CVSS5.8AI score0.00734EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/09/15 12:0 a.m.5 views

Church Management System SQL注入漏洞

Church Management System is a church management system. A security vulnerability exists in Church Management System v1.0, which was discovered to contain a SQL injection vulnerability via the id parameter in /admin/edituser.php...

7.2CVSS7.3AI score0.00734EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/09/15 12:0 a.m.5 views

PT-2022-24473 · Unknown · Church Management System

Name of the Vulnerable Software and Affected Versions: Church Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/admin/edit user.php" API endpoint. Recommendations: For Church Manageme...

7.2CVSS7.1AI score0.00734EPSS
Exploits1References3
OSV
OSV
added 2022/08/25 2:15 p.m.3 views

CVE-2022-36505

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EDitusergroup...

7.8CVSS5.8AI score0.00764EPSS
Exploits1References1
OSV
OSV
added 2022/06/16 7:15 p.m.5 views

CVE-2020-35597

Victor CMS 1.0 is vulnerable to SQL injection via cid parameter of admineditcomment.php, pid parameter of admineditpost.php, uid parameter of adminedituser.php, and edit parameter of adminupdatecategories.php...

8.8CVSS5.8AI score0.01442EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/05/16 2:30 p.m.23 views

CVE-2022-1089 Bulk Edit and Create User Profiles < 1.5.14 - Admin+ Stored Cross-Site Scripting

The Bulk Edit and Create User Profiles WordPress plugin before 1.5.14 does not sanitise and escape the Users Login, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.00565EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/04/12 4:15 p.m.1 views

CVE-2022-27162

CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcmsadminMemberseditUser...

9.8CVSS6AI score0.01107EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.2 views

CSZ CMS SQL注入漏洞

CSZ CMS is a PHP-based open source content management system CMS. CSZ CMS version 1.2.2 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in cszcmsadminMemberseditUser and can be exploited by attackers to execute illegal SQL...

9.8CVSS8.7AI score0.01107EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.3 views

CSZ CMS SQL注入漏洞

CSZ CMS is a PHP-based open source content management system CMS. CSZ CMS version 1.2.2 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in cszcmsadminUserseditUser, and can be used by attackers to execute illegal SQL commands to obtain...

9.8CVSS8.6AI score0.01138EPSS
Exploits1References2
OSV
OSV
added 2022/02/01 7:15 p.m.5 views

CVE-2022-24222

eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edituser.php...

9.8CVSS7.3AI score0.01096EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/02/01 7:15 p.m.6 views

CVE-2022-24222

eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edituser.php...

9.8CVSS7.4AI score0.01096EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/02/01 12:0 a.m.5 views

Elite Graphix Elite Cms SQL注入漏洞

eliteCMS is a popular content management system. A SQL injection vulnerability exists in eliteCMS /admin/edituser.php, which can be exploited by remote attackers to submit a special SQL request to manipulate the database, obtain sensitive information or execute arbitrary code...

9.8CVSS6.4AI score0.01096EPSS
Exploits1References2
0day.today
0day.today
added 2021/08/21 12:0 a.m.114 views

Laundry Booking Management System 1.0 - Multiple SQL Injection Vulnerability

Exploit Title: Laundry Booking Management System 1.0 - 'Multiple' SQL Injection Exploit Author: Azumah Foresight Xorlali Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...

0.4AI score
Exploits0
CNVD
CNVD
added 2021/07/23 12:0 a.m.16 views

CASAP Automated Enrollment SQL Injection Vulnerability (CNVD-2021-57782)

CASAP Automated Enrollment is an automated enrollment system for the CASAP organization in the United States. The purpose of the project is to provide CASAP with an automated enrollment system to streamline the school process and make it more effective, efficient and easy to retrieve...

9.8CVSS2.9AI score0.01476EPSS
Exploits1References1
OSV
OSV
added 2021/07/22 6:15 p.m.4 views

CVE-2021-26226

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edituser.php...

9.8CVSS6.1AI score0.01476EPSS
Exploits1References1
Rows per page
Query Builder