Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Cvelist
Cvelistadded 2017/06/24 5:0 p.m.15 views

CVE-2017-9848

SQL injection vulnerability in CInfoService.asmx in WebServices in Easysite 7.0 could allow remote attackers to execute arbitrary SQL commands via an XML document containing a crafted ArticleIDs element within a GetArticleHitsArray element...

9.9AI score0.00456EPSS
Exploits0References3
seebug.org
seebug.orgadded 2014/07/22 12:0 a.m.134 views

easysite内容管理系统某简单粗暴的SQL注入

简要描述: web services是不会骗人的! 大量gov站点采用了easysite内容管理系统。 详细说明: 1.soap注入 easysite webservice 文件: http://www.py.gov.cn/DesktopModules/CInfo/WebService/CInfoService.asmx 2.ArticleIDs参数存在SQL注入漏洞 随便找个放sqlmap里跑吧 POST /DesktopModules/CInfo/WebService/CInfoService.asmx HTTP/1.1 Host: dynamic.xmedu.gov.cn...

7.1AI score
Exploits0
Rows per page
Query Builder