Lucene search
+L

227 matches found

OSV
OSV
added 2024/02/09 2:15 p.m.5 views

CVE-2024-25316

Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2...

9.8CVSS5.8AI score0.00749EPSS
Exploits1References1
NVD
NVD
added 2024/02/09 2:15 p.m.25 views

CVE-2024-25316

Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2...

9.8CVSS9.9AI score0.00749EPSS
Exploits1References1
Prion
Prion
added 2024/02/09 2:15 p.m.27 views

Sql injection

Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2...

7.5CVSS8.8AI score0.00749EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/09 12:0 a.m.6 views

PT-2024-20885 · Code Projects · Code-Projects Hotel Managment System

Name of the Vulnerable Software and Affected Versions: Code-projects Hotel Managment System version 1.0 Description: The issue allows SQL Injection via the eid parameter in the "Hotel/admin/usersettingdel.php?eid=2" endpoint. This means an attacker could potentially inject malicious SQL code by...

9.8CVSS7.8AI score0.00749EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/02/09 12:0 a.m.13 views

CVE-2024-25316

Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2...

8.2AI score0.00749EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/02/09 12:0 a.m.9 views

Hotel Managment System SQL Injection Vulnerability

Hotel Managment System is an open source hotel management system from Code-projects. Code-projects Hotel Managment System version 1.0 suffers from a SQL injection vulnerability that originates from allowing SQL injection via the eid parameter in Hotel/admin/usersettingdel.php...

9.8CVSS8AI score0.00749EPSS
Exploits1References2
OSV
OSV
added 2023/12/21 4:15 p.m.5 views

CVE-2023-45117

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database...

8.8CVSS5.8AI score0.00507EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/12/21 3:47 p.m.27 views

CVE-2023-45117 Online Examination System v1.0 - Multiple Authenticated SQL Injections (SQLi)

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database...

8.8CVSS10AI score0.00507EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/21 12:0 a.m.5 views

Projectworlds Online Examination System SQL Injection Vulnerability

Projectworlds Online Examination System is an online examination system from Projectworlds India. Projectworlds Online Examination System v1.0 suffers from a SQL injection vulnerability, which stems from the "eid" parameter of update.php not validating received characters and sending them to the...

8.8CVSS7.9AI score0.00507EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/12/21 12:0 a.m.5 views

PT-2023-29416 · Unknown · Online Examination System

Name of the Vulnerable Software and Affected Versions: Online Examination System version 1.0 Description: The issue concerns multiple Authenticated SQL Injection vulnerabilities. Specifically, the eid parameter of the "/update.php?q=rmquiz" resource does not validate the characters received, and...

9.8CVSS8.9AI score0.00507EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2023/02/28 12:0 a.m.276 views

ChurchCRM 4.5.3 SQL Injection

Title: ChurchCRM-4.5.3-121fcc1-SQLi Author: nu11secur1ty Date: 02.27.2023 Vendor: http://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://portswigger.net/web-security/sql-injection Description: In the manual insertion point 1 - parameter EID appears to be vulnerable to...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/02/28 12:0 a.m.439 views

ChurchCRM 4.5.3 SQL Injection Vulnerability

Title: ChurchCRM-4.5.3-121fcc1-SQLi Author: nu11secur1ty Vendor: http://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://portswigger.net/web-security/sql-injection Description: In the manual insertion point 1 - parameter EID appears to be vulnerable to SQL injection...

0.2AI score
Exploits0
NVD
NVD
added 2023/02/09 10:15 p.m.25 views

CVE-2023-24684

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php...

7.2CVSS7.3AI score0.00981EPSS
Exploits1References4
Prion
Prion
added 2023/02/09 10:15 p.m.19 views

Sql injection

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php...

5.8CVSS7.2AI score0.00981EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/09 12:0 a.m.6 views

CVE-2023-24684

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php...

8.5AI score0.00981EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/02/09 12:0 a.m.30 views

CVE-2023-24684

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php...

7.5AI score0.00981EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/02/09 12:0 a.m.5 views

ChurchCRM SQL注入漏洞

ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM v4.5.3 and earlier versions that stems from the presence of a SQL injection vulnerability via the EID parameter in GetText.php...

7.2CVSS7.2AI score0.00981EPSS
Exploits1References5
OSV
OSV
added 2022/08/12 3:15 p.m.7 views

CVE-2022-20259

In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-221431393...

5.5CVSS5.9AI score0.00089EPSS
Exploits0References1
NVD
NVD
added 2022/08/12 3:15 p.m.25 views

CVE-2022-20259

In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-221431393...

5.5CVSS0.00089EPSS
Exploits0References1
Prion
Prion
added 2022/08/12 3:15 p.m.17 views

Information disclosure

In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-221431393...

1.7CVSS5.5AI score0.00089EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder