Lucene search
K

1427 matches found

Prion
Prion
added 2023/08/10 2:15 p.m.26 views

Design/Logic Flaw

Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an Untrusted Search Path vulnerability that could lead to Application denial-of-service. An attacker could leverage this vulnerability if the default PowerShell Set-ExecutionPolicy is set to...

1.2CVSS4.9AI score0.003EPSS
Exploits0References1Affected Software4
NVD
NVD
added 2023/07/24 4:15 a.m.24 views

CVE-2023-3862

A vulnerability was found in Travelmate Travelable Trek Management Solution 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Box Handler. The manipulation of the argument comment leads to cross site scripting. The attack may be...

4.7CVSS3.9AI score0.00361EPSS
Exploits0References2
Prion
Prion
added 2023/07/24 4:15 a.m.15 views

Cross site scripting

A vulnerability was found in Travelmate Travelable Trek Management Solution 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Box Handler. The manipulation of the argument comment leads to cross site scripting. The attack may be...

2.6CVSS4.5AI score0.00361EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/24 12:0 a.m.4 views

PT-2023-26534 · Unknown · Travelmate Travelable Trek Management Solution

Name of the Vulnerable Software and Affected Versions: Travelmate Travelable Trek Management Solution version 1.0 Description: A vulnerability was found in the component Comment Box Handler of the Travelmate Travelable Trek Management Solution. The manipulation of the comment argument leads to...

4.7CVSS6.5AI score0.00361EPSS
Exploits0References5
Prion
Prion
added 2023/07/23 2:15 a.m.23 views

Sql injection

A vulnerability, which was classified as problematic, has been found in DedeBIZ 6.2.10. Affected by this issue is some unknown functionality of the file /admin/syssqlquery.php. The manipulation of the argument sqlquery leads to sql injection. The attack may be launched remotely. The complexity of...

4.3CVSS7.2AI score0.00586EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/07/23 2:0 a.m.22 views

CVE-2023-3839 DedeBIZ sys_sql_query.php sql injection

A vulnerability, which was classified as problematic, has been found in DedeBIZ 6.2.10. Affected by this issue is some unknown functionality of the file /admin/syssqlquery.php. The manipulation of the argument sqlquery leads to sql injection. The attack may be launched remotely. The complexity of...

4.3CVSS7.4AI score0.00586EPSS
Exploits1References3
OSV
OSV
added 2023/07/23 2:0 a.m.16 views

CVE-2023-3839 DedeBIZ sys_sql_query.php sql injection

A vulnerability, which was classified as problematic, has been found in DedeBIZ 6.2.10. Affected by this issue is some unknown functionality of the file /admin/syssqlquery.php. The manipulation of the argument sqlquery leads to sql injection. The attack may be launched remotely. The complexity of...

4.1CVSS5.2AI score0.00586EPSS
Exploits1References5
Prion
Prion
added 2023/07/21 1:15 a.m.25 views

Design/Logic Flaw

A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. Th...

1.4CVSS4.3AI score0.00545EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/07/21 12:31 a.m.23 views

CVE-2023-3803 Chengdu Flash Flood Disaster Monitoring and Warning System File Name ImageStationDataService.asmx random values

A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. Th...

2.6CVSS4.5AI score0.00545EPSS
Exploits1References3
NVD
NVD
added 2023/07/19 7:15 a.m.32 views

CVE-2023-3763

A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This vulnerability affects unknown code of the component SQL Query Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an...

7.5CVSS5.6AI score0.00519EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/07/19 7:0 a.m.31 views

CVE-2023-3763 Intergard SGS SQL Query cleartext transmission

A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This vulnerability affects unknown code of the component SQL Query Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an...

3.7CVSS7.9AI score0.00519EPSS
Exploits1References3
CVE
CVE
added 2023/07/19 6:0 a.m.51 views

CVE-2023-3761

CVE-2023-3761 concerns Intergard SGS 8.7.0, specifically a vulnerability in the Password Change Handler that causes cleartext transmission of sensitive information. Exploitation is network-based and can be attempted remotely, with the attack having high impact on confidentiality and no impact on ...

7.5CVSS5.7AI score0.00403EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/06/04 12:15 a.m.20 views

Design/Logic Flaw

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Captura up to 8.0.0. It has been declared as critical. This vulnerability affects unknown code in the library CRYPTBASE.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack i...

6CVSS7.6AI score0.00197EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/06/03 11:31 p.m.13 views

CVE-2023-3091 Captura CRYPTBASE.dll uncontrolled search path

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Captura up to 8.0.0. It has been declared as critical. This vulnerability affects unknown code in the library CRYPTBASE.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack i...

7CVSS6.1AI score0.00197EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/06/03 12:0 a.m.8 views

PT-2023-23040 · Unknown +1 · Cryptbase.Dll +1

Name of the Vulnerable Software and Affected Versions: Captura versions up to 8.0.0 Description: A critical vulnerability was found in Captura, affecting unknown code in the library CRYPTBASE.dll. The manipulation leads to an uncontrolled search path. Attacking locally is a requirement, and the...

7.8CVSS7.1AI score0.00197EPSS
Exploits0References7
NVD
NVD
added 2023/05/25 9:15 p.m.23 views

CVE-2023-2900

A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is...

7.5CVSS5.2AI score0.00654EPSS
Exploits1References3
NVD
NVD
added 2023/03/20 10:15 a.m.36 views

CVE-2023-1506

A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to launch the attack remotely. The complexity of an attack...

8.1CVSS6.7AI score0.00506EPSS
Exploits0References2
NVD
NVD
added 2023/03/20 9:15 a.m.25 views

CVE-2023-1502

A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/editcustomer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP5 AND...

8.1CVSS6.6AI score0.00608EPSS
Exploits1References2
Prion
Prion
added 2023/03/20 9:15 a.m.21 views

Sql injection

A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/editcustomer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP5 AND...

5.1CVSS9.6AI score0.00608EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/03/20 9:0 a.m.29 views

CVE-2023-1505 SourceCodester E-Commerce System setDiscount.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND SELECT 8973 FROM...

5CVSS8.6AI score0.00551EPSS
Exploits1References2
Rows per page
Query Builder