CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Gesior-AAC is an official tibia.com layout created based on cipsoft. A SQL injection vulnerability exists in the accountmanagement.php file in versions of Gesior-AAC prior to 2019-05-01. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based...

9.8CVSS8.2AI score0.00264EPSS

Exploits0References1

CNVD•added 2019/09/02 12:0 a.m.•1 views

Gesior-AAC SQL Injection Vulnerability (CNVD-2019-31346)

Gesior-AAC is an official tibia.com layout created based on cipsoft. A SQL injection vulnerability exists in the thankyou.php file in versions of Gesior-AAC prior to 2019-05-01. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. ...

9.8CVSS8.2AI score0.00307EPSS

Exploits0References1

CNVD•added 2019/09/02 12:0 a.m.•1 views

Gesior-AAC SQL Injection Vulnerability

Gesior-AAC is an official tibia.com layout created based on cipsoft. A SQL injection vulnerability exists in the shop.php file in versions of Gesior-AAC prior to 2019-05-01. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An...

9.8CVSS8.2AI score0.00307EPSS

Exploits0References1

NVD•added 2019/08/26 3:15 p.m.•9 views

CVE-2019-15572

Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL injection in shop.php...

9.8CVSS9.9AI score0.00307EPSS

Exploits0References1

NVD•added 2019/08/26 3:15 p.m.•7 views

CVE-2019-15574

Gesior-AAC before 2019-05-01 allows serviceID SQL injection in accountmanagement.php...

9.8CVSS9.9AI score0.00264EPSS

Exploits0References1

OSV•added 2019/08/26 3:15 p.m.•0 views

CVE-2019-15573

Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php...

9.8CVSS7.3AI score

Exploits0References1

OSV•added 2019/08/26 3:15 p.m.•0 views

CVE-2019-15574

Gesior-AAC before 2019-05-01 allows serviceID SQL injection in accountmanagement.php...

9.8CVSS5.8AI score

Exploits0References1

OSV•added 2019/08/26 3:15 p.m.•0 views

CVE-2019-15572

Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL injection in shop.php...

9.8CVSS7.3AI score0.00307EPSS

Exploits0References1

NVD•added 2019/08/26 3:15 p.m.•7 views

CVE-2019-15573

Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php...

9.8CVSS9.9AI score0.00307EPSS

Exploits0References1

Prion•added 2019/08/26 3:15 p.m.•9 views

Sql injection

Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php...

7.5CVSS9.8AI score0.00307EPSS

Exploits0References1Affected Software1

Prion•added 2019/08/26 3:15 p.m.•18 views

Sql injection

Gesior-AAC before 2019-05-01 allows serviceID SQL injection in accountmanagement.php...

7.5CVSS9.8AI score0.00264EPSS

Exploits0References1Affected Software1

Prion•added 2019/08/26 3:15 p.m.•9 views

Sql injection

Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL injection in shop.php...

7.5CVSS9.8AI score0.00307EPSS

Exploits0References1Affected Software1

CVE•added 2019/08/26 2:24 p.m.•36 views

CVE-2019-15572

The CVE-2019-15572 entry describes an SQL injection in Gesior-AAC’s shop.php, affecting versions prior to 2019-05-01. Root cause cited in CNVD-2019-31345 notes lack of validation for externally entered SQL statements in database-driven apps, enabling an attacker to execute arbitrary SQL commands....

9.8CVSS9.8AI score0.00307EPSS

Exploits0References1Affected Software1