Lucene search
K

80 matches found

CNVD
CNVD
added 2022/06/09 12:0 a.m.30 views

Rescue Dispatch Management System SQL注入漏洞(CNVD-2022-53918)

Rescue Dispatch Management System is a rescue dispatch management system from Carlo Montero's personal developer. rescue dispatch management system v1.0 is vulnerable to SQL injection, which originates from rdms/admin/ respondenttypes/viewrespondenttype.php?id=The page lacks validation for extern...

9.8CVSS2.6AI score0.01081EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/31 12:0 a.m.11 views

CSCMS Music Portal System SQL Injection Vulnerability (CNVD-2022-45898)

CSCMS Music Portal System is a diversified content management system from China Sunshine Network Technology CSCMS, Inc. A SQL injection vulnerability exists in CSCMS Music Portal System, which originates from the missing id parameter of /admin.php/news/admin/news/save validation of external input...

7.2CVSS3AI score0.00793EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/31 12:0 a.m.14 views

CSCMS Music Portal System SQL Injection Vulnerability (CNVD-2022-45899)

CSCMS Music Portal System is a diversified content management system from China Sunshine Network Technology CSCMS, Inc. A SQL injection vulnerability exists in CSCMS Music Portal System, which originates from the missing id parameter of /admin.php/news/admin/topic/save validation of external inpu...

7.2CVSS3AI score0.00793EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/31 12:0 a.m.10 views

CSCMS Music Portal System SQL Injection Vulnerability (CNVD-2022-45399)

CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability, which originates from the id parameter in /admin.php/singer/admin/lists/zhuan that lacks validation of...

7.2CVSS8.1AI score0.00896EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/31 12:0 a.m.9 views

CSCMS Music Portal System SQL Injection Vulnerability (CNVD-2022-45403)

CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability, which originates from the id parameter in /admin.php/User/levelsort that lacks validation of externally...

8.8CVSS8.1AI score0.00908EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/31 12:0 a.m.14 views

CSCMS Music Portal System SQL Injection Vulnerability (CNVD-2022-45402)

CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the id parameter in /admin.php/user/leveldel that lacks validation of externally...

7.2CVSS8.1AI score0.00896EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/31 12:0 a.m.20 views

CSCMS Music Portal System SQL Injection Vulnerability (CNVD-2022-45398)

CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the lack of validation of the id parameter of /admin.php/pic/admin/type/save for...

7.2CVSS8.2AI score0.00896EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/31 12:0 a.m.12 views

CSCMS Music Portal System SQL Injection Vulnerability (CNVD-2022-45896)

The CSCMS Music Portal System is a multi-faceted content management system from China Sunshine Network Technology CSCMS, Inc. A SQL injection vulnerability exists in the CSCMS Music Portal System, which stems from a lack of validation of externally entered SQL statements in the id parameter of...

7.2CVSS2.6AI score0.00896EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/31 12:0 a.m.8 views

CSCMS Music Portal System SQL Injection Vulnerability (CNVD-2022-45397)

CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the lack of validation of the id parameter of /admin.php/pic/admin/type/plsave for...

8.8CVSS8.2AI score0.00908EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/26 12:0 a.m.16 views

Home Clean Services Management System SQL Injection Vulnerability

Home Clean Services Management System is a home cleaning service system. version 1.0 of Home Clean Services Management System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

6.5CVSS5.6AI score0.00909EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/05/24 12:0 a.m.22 views

School Dormitory Management System SQL Injection Vulnerability (CNVD-2022-66687)

School Dormitory Management System is a school dormitory management system. SQL injection vulnerability exists in School Dormitory Management System v1.0, which originates from /dms/admin/reports/dailycollection The report.php parameter lacks validation for external input SQL statements. An...

7.5CVSS2.9AI score0.01976EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/05/16 12:0 a.m.27 views

Online Sports Complex Booking System SQL注入漏洞(CNVD-2022-58670)

Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. page=user/manageuser&id= lacks validation of external input SQL statements, which can be exploited to execute illegal SQL commands to steal sensitive database data...

9.8CVSS5.2AI score0.01091EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/16 12:0 a.m.23 views

Online Sports Complex Booking System SQL注入漏洞(CNVD-2022-58669)

Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. page=facilities/managefacility&id= lacks validation of external input SQL statements, which can be exploited to execute illegal SQL commands to steal sensitive database data...

9.8CVSS5.2AI score0.01091EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/09 12:0 a.m.24 views

Mybatis-PageHelper SQL Injection Vulnerability

Mybatis-PageHelper is a paging plug-in. An SQL injection vulnerability exists in Mybatis-PageHelper versions 1.0 inclusive through 5.3.0 inclusive, which stems from the orderBy parameter's lack of validation for external input SQL statements. An attacker could use this vulnerability to execute...

7.5CVSS6.2AI score0.01656EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/04/28 12:0 a.m.22 views

CuppaCMS SQL Injection Vulnerability (CNVD-2022-63582)

CuppaCMS is a content management system CMS. SQL injection vulnerability exists in CuppaCMS v1.0, which originates from the missing validation of external input in the menufilter parameter in /administrator/templates/default/html/windows/right.php. SQL statement validation. An attacker could use...

9.8CVSS4.1AI score0.06679EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/24 12:0 a.m.58 views

Attendance and Payroll System SQL注入漏洞(CNVD-2022-33143)

Attendance and Payroll System is a PHP/MySQLi source code attendance and payroll system by oretnom23 individual developers. version v1.0 of Attendance and Payroll System is vulnerable to SQL injection, which originates from the component adminovertime delete.php lacks validation of external input...

8.8CVSS5.9AI score0.01095EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/24 12:0 a.m.24 views

Sourcecodester Baby Care System SQL注入漏洞(CNVD-2022-35525)

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/siteoptions.php & social=remove & sid= where the sid parameter lacks validation for externa...

9.8CVSS3.6AI score0.0122EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/24 12:0 a.m.23 views

Sourcecodester Baby Care System SQL注入漏洞(CNVD-2022-35529)

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/pagerole.php & action=display & value=1 & roleid= where the roleid parameter lacks validati...

9.8CVSS3.3AI score0.0122EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/24 12:0 a.m.17 views

Sourcecodester Baby Care System SQL注入漏洞(CNVD-2022-35531)

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/inbox.php & action=delete & msgid= where the msgid parameter lacks validation for external...

9.8CVSS3.4AI score0.0122EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/24 12:0 a.m.28 views

Sourcecodester Baby Care System SQL注入漏洞(CNVD-2022-35536)

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from the lack of validation of external input SQL in the /admin.php?id=posts & action=display & value=1 &...

9.8CVSS3.2AI score0.0122EPSS
Exploits1References1
Rows per page
Query Builder