Lucene search
+L

87 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-32996

Malicious code in bioql PyPI...

10CVSS9.4AI score0.01556EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-28694

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00981EPSS
Exploits1References5
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4713

Malicious code in bioql PyPI...

8.4CVSS6.4AI score0.00268EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-36057

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.0102EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 8:1 a.m.5 views

CVE-2024-40479

A SQL injection vulnerability in "/admin/quizquestion.php" in Kashipara Online Exam System v1.0 allows remote attackers to execute arbitrary SQL commands via the "eid" parameter...

8.1CVSS8.6AI score0.00797EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 3:22 a.m.7 views

CVE-2023-24684

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php...

7.2CVSS8.3AI score0.00981EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 10:59 p.m.15 views

CVE-2022-32991

Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php...

8.8CVSS8.3AI score0.0102EPSS
Exploits1References1
cnvd
cnvd
added 2025/03/27 12:0 a.m.4 views

Art Gallery Management System art-enquiry.php File SQL Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter eid of art-enquiry.php. An attacker can exploit this...

9.8CVSS8.3AI score0.0041EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2025/02/19 8:52 a.m.5 views

CVE-2025-1133 SQL Injection in ChurchCRM EID Parameter via EditEventAttendees.php

A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a boolean-based blind SQL Injection vulnerability in the EditEventAttendees functionality. The EID parameter is directly concatenated into an SQL query without proper...

9.3CVSS8AI score0.00583EPSS
Exploits1References1
cve
cve
added 2025/02/19 8:34 a.m.49 views

CVE-2025-1024

ChurchCRM 5.13.0 is affected by a Reflected Cross‑Site Scripting (XSS) in EditEventAttendees.php (EID parameter) that requires administrative privileges. The vulnerability enables an attacker to execute arbitrary JavaScript in a victim’s browser, potentially stealing session cookies, acting on be...

8.4CVSS5.9AI score0.00268EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2025/02/19 8:34 a.m.30 views

CVE-2025-1024 Session Hijacking via Reflected Cross-Site Scripting (XSS) in ChurchCRM EditEventAttendees.php EID Parameter

A vulnerability exists in ChurchCRM 5.13.0 that allows an attacker to execute arbitrary JavaScript in a victim's browser via Reflected Cross-Site Scripting XSS in the EditEventAttendees.php page. This requires Administration privileges and affects the EID parameter. The flaw allows an attacker to...

8.4CVSS0.00268EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2025/02/19 8:34 a.m.17 views

CVE-2025-1024 Session Hijacking via Reflected Cross-Site Scripting (XSS) in ChurchCRM EditEventAttendees.php EID Parameter

A vulnerability exists in ChurchCRM 5.13.0 that allows an attacker to execute arbitrary JavaScript in a victim's browser via Reflected Cross-Site Scripting XSS in the EditEventAttendees.php page. This requires Administration privileges and affects the EID parameter. The flaw allows an attacker to...

8.4CVSS5.9AI score0.00268EPSS
Exploits1References1
osv
osv
added 2025/02/19 8:34 a.m.17 views

CVE-2025-1024 Session Hijacking via Reflected Cross-Site Scripting (XSS) in ChurchCRM EditEventAttendees.php EID Parameter

A vulnerability exists in ChurchCRM 5.13.0 that allows an attacker to execute arbitrary JavaScript in a victim's browser via Reflected Cross-Site Scripting XSS in the EditEventAttendees.php page. This requires Administration privileges and affects the EID parameter. The flaw allows an attacker to...

8.4CVSS6.2AI score0.00268EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2025/02/19 12:0 a.m.4 views

PT-2025-7493 · Churchcrm · Churchcrm

Name of the Vulnerable Software and Affected Versions: ChurchCRM versions 5.13.0 and prior Description: A boolean-based blind SQL Injection vulnerability exists in the EditEventAttendees functionality, allowing an attacker to execute arbitrary SQL queries. The EID parameter is directly concatenat...

9.3CVSS10AI score0.00583EPSS
Exploits1References10
cnvd
cnvd
added 2024/12/30 12:0 a.m.4 views

Responsive Hotel Site newsletter.php file SQL Injection Vulnerability

Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from insufficient input validation of the eid parameter in file /admin/newsletter.php. An attacker can use this vulnerability to obtain sensitive information or...

9.8CVSS7.7AI score0.0067EPSS
Exploits1References1
cnnvd
cnnvd
added 2024/12/29 12:0 a.m.5 views

code-projects Responsive Hotel Site 注入漏洞

Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from insufficient input validation of the eid parameter in file /admin/newsletter.php. An attacker can use this vulnerability to obtain sensitive information or...

9.8CVSS7.6AI score0.0067EPSS
Exploits1References6
osv
osv
added 2024/12/22 7:15 a.m.5 views

CVE-2024-12891

A vulnerability classified as critical has been found in code-projects Online Exam Mastering System 1.0. Affected is an unknown function of the file /account.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. It is possible to launch the attack remotely. The exploit h...

8.8CVSS5.8AI score0.00508EPSS
Exploits1References5
osv
osv
added 2024/12/22 6:15 a.m.3 views

CVE-2024-12890

A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /update.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. The attack may be initiated remotely. The...

8.8CVSS5.8AI score0.00508EPSS
Exploits1References5
cnnvd
cnnvd
added 2024/12/22 12:0 a.m.4 views

Code-Projects Online Exam Mastering System 注入漏洞

Code-Projects Online Exam Mastering System is a Code-Projects open source online exam system. An injection vulnerability exists in code-projects Online Exam Mastering System version 1.0, which is caused by an SQL injection into the parameter eid...

8.8CVSS7AI score0.00508EPSS
Exploits1References6
osv
osv
added 2024/08/12 1:38 p.m.4 views

CVE-2024-40479

A SQL injection vulnerability in "/admin/quizquestion.php" in Kashipara Online Exam System v1.0 allows remote attackers to execute arbitrary SQL commands via the "eid" parameter...

8.1CVSS6.1AI score0.00797EPSS
Exploits1References2
Rows per page
Query Builder