Lucene search
K

27 matches found

CNVD
CNVD
added 2020/03/31 12:0 a.m.5 views

Grandstream UCM6200 SQL Injection Vulnerability

The Grandstream UCM6200 is an enterprise-class switch for IP telephony communications from Grandstream. A SQL injection vulnerability exists in the Grandstream UCM6200 series prior to version 1.0.20.22. The vulnerability stems from a database-based application that lacks validation of externally...

5.9CVSS8.1AI score0.01709EPSS
Exploits5
CNVD
CNVD
added 2020/02/11 12:0 a.m.2 views

Nextcloud Android SQL Injection Vulnerability

Nextcloud is a suite of client-server software for creating network drives.Nextcloud Android is the Nextcloud Android client. A security vulnerability exists in Nextcloud Android. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications...

2.4CVSS7.7AI score0.00507EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/20 12:0 a.m.6 views

Equinox Control Expert SQL Injection Vulnerability

Equinox Control Expert is a human interface and data acquisition and monitoring system from Equinox Argentina. A SQL injection vulnerability exists in Equinox Control Expert. The vulnerability stems from a lack of validation of externally entered SQL statements in a database-based application. A...

9.8CVSS8.5AI score0.01889EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/05 12:0 a.m.5 views

TYPO3 SQL Injection Vulnerability (CNVD-2019-40296)

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A SQL injection vulnerability exists in the back-end of TYPO3, which stems from a lack of validation of externally entered SQL statements in database-based applications and can be exploited...

8.8CVSS6.4AI score0.01187EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/13 12:0 a.m.2 views

Lansweeper SQL Injection Vulnerability

Lansweeper is an IT asset management system. A SQL injection vulnerability exists in Lansweeper versions prior to 7.1.117.4, which stems from a lack of validation of externally-entered SQL statements in database-based applications and can be exploited by an attacker to execute illegal SQL command...

9.1CVSS8.2AI score0.1131EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/24 12:0 a.m.2 views

Metinfo SQL Injection Vulnerability (CNVD-2019-24207)

MetInfo is a content management system CMS developed by China Mito MetInfo using PHP and Mysql. A SQL injection vulnerability exists in MetInfo version 6.x. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can explo...

8.8CVSS8.2AI score0.01269EPSS
Exploits1References1
CNVD
CNVD
added 2019/04/04 12:0 a.m.3 views

MKCMS SQL Injection Vulnerability

MKCMS is a content management system. A SQL injection vulnerability exists in MKCMS version V5.0. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands...

9.8CVSS8.2AI score0.01464EPSS
Exploits1References1
Rows per page
Query Builder