Lucene search
K

72 matches found

Cvelist
Cvelist
added 2024/05/23 4:34 p.m.17 views

CVE-2024-34935

A SQL injection vulnerability in /view/conversationhistoryadmin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversationid parameter...

8.1AI score0.0051EPSS
Exploits1References1
Prion
Prion
added 2018/01/23 6:29 p.m.20 views

Sql injection

SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledgebase/getarticlesuggestion/...

7.5CVSS9.9AI score0.03344EPSS
Exploits5References2Affected Software1
NVD
NVD
added 2017/04/13 2:59 p.m.22 views

CVE-2016-2555

SQL injection vulnerability in include/lib/mysqlconnect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php...

9.8CVSS9.9AI score0.79622EPSS
Exploits7References5
NVD
NVD
added 2014/09/19 10:55 a.m.21 views

CVE-2014-4424

SQL injection vulnerability in Wiki Server in CoreCollaboration in Apple OS X Server before 2.2.3 and 3.x before 3.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS7.9AI score0.02373EPSS
Exploits0References9
CVE
CVE
added 2014/08/07 10:0 a.m.47 views

CVE-2014-3773

CVE-2014-3773 concerns TeamPass prior to version 2.1.20, with multiple SQL injection vulnerabilities exposed through various parameters in the web interface. The affected components include sources/main.queries.php (login-related actions: send_pw_by_email, generate_new_password) and data handling...

7.5CVSS8.3AI score0.02114EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2014/04/22 2:23 p.m.21 views

Sql injection

SQL injection vulnerability in the getactivesession function in the KTAPIUserSession class in webservice/clienttools/services/mdownload.php in KnowledgeTree 3.7.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the u parameter, related to the getFileName function...

7.5CVSS9AI score0.01164EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/04/18 2:0 p.m.25 views

CVE-2013-7369

SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Anti-Virus for Citrix Servers 9.00 before HF09, and F-Secure Email and Server Security and F-Secure...

8.4AI score0.01264EPSS
Exploits0References2
Prion
Prion
added 2014/01/15 4:8 p.m.16 views

Sql injection

SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page...

7.5CVSS9AI score0.02091EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2012/11/26 10:0 p.m.34 views

CVE-2012-6039

SQL injection vulnerability in viewcomments.php in YABSoft Advanced Image Hosting AIH Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter...

8.4AI score0.01113EPSS
Exploits1References3
Prion
Prion
added 2012/11/17 9:55 p.m.19 views

Sql injection

SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via the root parameter...

6.5CVSS8.6AI score0.0115EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2012/11/17 9:0 p.m.51 views

CVE-2012-5910

CVE-2012-5910 is a SQL injection in blogs/htsrv/viewfile.php of b2evolution 4.1.3. An authenticated remote user can inject SQL via the root parameter to execute arbitrary commands. Impact is partial confidentiality/integrity/availability as stated; attack vector is web-based with single-privilege...

6.5CVSS8.2AI score0.0115EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2012/10/08 8:55 p.m.21 views

CVE-2012-5327

Multiple SQL injection vulnerabilities in fs-admin/fs-admin.php in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the 1 deleteusrgrp parameter in a deleteusergroups action, 2 usergroup paramete...

6.5CVSS8.1AI score0.01731EPSS
Exploits1References4
CVE
CVE
added 2012/08/12 9:0 p.m.48 views

CVE-2012-3468

CVE-2012-3468 affects the Ushahidi Platform prior to 2.5. The vulnerability tier is high (CVSS v2 base score 7.5) and stems from multiple SQL injection weaknesses in specific code paths: (1) verify() in application/controllers/alerts.php, (2) save_all() in application/models/settings.php, and (3)...

7.5CVSS8.7AI score0.01324EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2012/02/02 5:55 p.m.13 views

CVE-2012-0980

SQL injection vulnerability in download.php in phux Download Manager allows remote attackers to execute arbitrary SQL commands via the file parameter...

7.5CVSS8.3AI score0.01102EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/04/15 7:0 p.m.24 views

CVE-2011-1653

Multiple SQL injection vulnerabilities in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the 1 UnAssignFunctionalRoles, 2 UnassignAdminRoles, 3 DeleteFilter, 4 NonAssignedUserList, 5...

8AI score0.88655EPSS
Exploits12References22
Prion
Prion
added 2011/02/25 5:0 p.m.11 views

Sql injection

Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the 1 findfid, 2 id, 3 selectfcat, 4 selectfmon, or 5 selectftag parameter in an images action...

6.5CVSS8.8AI score0.01297EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2010/06/07 2:0 p.m.53 views

CVE-2010-1904

RSA Key Manager (RKM) C Client 1.5.x is vulnerable to SQL injection via the metadata in encrypted data, allowing an attacker to manipulate the KeyTable/config caching data and potentially modify or delete encryption keys. The vulnerability arises from improper validation of metadata during key lo...

6.8CVSS8.5AI score0.01581EPSS
Exploits4References9Affected Software1
Prion
Prion
added 2010/03/24 10:44 p.m.11 views

Sql injection

SQL injection vulnerability in vedifaq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9.1AI score0.00957EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2009/10/01 2:30 p.m.15 views

Sql injection

SQL injection vulnerability in viewListing.php in linkSpheric 0.74 Beta 6 allows remote attackers to execute arbitrary SQL commands via the listID parameter...

7.5CVSS9AI score0.00947EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2009/09/30 3:30 p.m.15 views

Sql injection

SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action...

7.5CVSS9.1AI score0.01199EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder