Lucene search
+L

12 matches found

NVD
NVD
added 2026/01/16 12:16 a.m.10 views

CVE-2021-47811

Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...

9.1CVSS0.00531EPSS
Exploits1References4
OSV
OSV
added 2026/01/16 12:16 a.m.5 views

CVE-2021-47811

Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...

8.8CVSS5.8AI score
Exploits0References4
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

Grocery Crud security vulnerability

Grocery Crud is an open-source software development tool created by Grocery Crud. Version 1.6.4 of Grocery Crud contains a security vulnerability, which stems from SQL injection in the orderby parameter, potentially allowing for manipulation of database queries...

9.1CVSS5.8AI score0.00531EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/01/15 11:25 p.m.33 views

CVE-2021-47811 Grocery crud 1.6.4 - 'order_by' SQL Injection

Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...

9.1CVSS0.00531EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/15 11:25 p.m.5 views

CVE-2021-47811 Grocery crud 1.6.4 - 'order_by' SQL Injection

Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...

9.1CVSS7.8AI score0.00531EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/01/15 11:25 p.m.4 views

CVE-2021-47811

Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...

9.1CVSS6AI score0.00531EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/01/15 11:25 p.m.15 views

CVE-2021-47811

CVE-2021-47811 affects Grocery Crud 1.6.4. A SQL injection exists in the order_by parameter that allows remote attackers to manipulate queries. The vulnerability can be exploited via the order_by[] parameter in POST requests to the ajax_list endpoint, potentially enabling data extraction or modif...

9.1CVSS7.8AI score0.00531EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.11 views

PT-2026-3181

Grocery Crud 1.6.4 contains a SQL injection vulnerability in the order by parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the order by parameter in POST requests to the ajax list endpoint to potentially extract or modify...

8.8CVSS8.2AI score0.00531EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2021/06/11 12:0 a.m.279 views

Grocery Crud 1.6.4 SQL Injection

Exploit Title: Grocery crud 1.6.4 - 'orderby' SQL Injection Date: 11/06/1963 Exploit Author: TonyShavez Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: v2.0.1 Tested on: Linux Ubuntu Proof Of concept : ======================= Request: PO...

Exploits0
0day.today
0day.today
added 2021/06/11 12:0 a.m.41 views

Grocery crud 1.6.4 - (order_by) SQL Injection Vulnerability

Exploit Title: Grocery crud 1.6.4 - 'orderby' SQL Injection Exploit Author: TonyShavez Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: v2.0.1 Tested on: Linux Ubuntu Proof Of concept : ======================= Request: POST...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.314 views

Grocery crud 1.6.4 - 'order_by' SQL Injection

Exploit Title: Grocery crud 1.6.4 - 'orderby' SQL Injection Date: 11/06/1963 Exploit Author: TonyShavez Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: v2.0.1 Tested on: Linux Ubuntu Proof Of concept : ======================= Request: PO...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/11/06 12:0 a.m.31 views

Grocery crud 1.6.1 - 'search_field' SQL Injection

Exploit Title: Grocery crud 1.6.1 - 'searchfield' SQL Injection Google Dork: n/a Date: 2018-11-05 Exploit Author: Loading Kura Kura Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: 1.6.1 Tested on: Win10/Kali Linux CVE : 1. Proof of Conce...

7.4AI score
Exploits0
Rows per page
Query Builder