
7210 matches found

Vulnrichment
added 2023/12/07 12:0 a.m. · 11 views

CVE-2023-48208

A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, pluginsmsapikey, pluginsmscountrycode, uuid, title, or country name parameter to index.php...

AI score 6.5 · EPSS 0.00499
Exploits 2 · References 1
VulnCheck KEV
added 2023/11/26 12:0 a.m. · 3 views

VulnCheck KEV: CVE-2019-12593

IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal...

CVSS 7.5 · AI score 7.1 · EPSS 0.40965
Exploits 5 · References 1
WPVulnDB
added 2023/11/24 12:0 a.m. · 23 views

BackWPup < 4.0.2 - Authenticated (Administrator+) Directory Traversal

Description: The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally,...

CVSS 8.7 · AI score 6.8 · EPSS 0.00926
Exploits 1 · References 1 · Affected Software 1
Prion
added 2023/11/14 10:15 p.m. · 12 views

SQL injection

SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter...

CVSS 5 · AI score 8.1 · EPSS 0.01079
Exploits 4 · References 1 · Affected Software 1
CVE
added 2023/11/14 12:0 a.m. · 66 views

CVE-2023-46024

The CVE-2023-46024 entry concerns the phpgurukul Teacher Subject Allocation Management System 1.0. Affected software/component: index.php in the application. Vulnerable vector: the searchdata parameter, where insufficient validation protection enables SQL injection. Root cause: lack of input vali...

CVSS 7.5 · AI score 7.8 · EPSS 0.01079
Exploits 4 · References 1 · Affected Software 1
Cvelist
added 2023/11/14 12:0 a.m. · 31 views

CVE-2023-46024

SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter...

AI score 8.1 · EPSS 0.01079
Exploits 4 · References 1
Vulnrichment
added 2023/11/14 12:0 a.m. · 9 views

CVE-2023-46024

SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter...

AI score 7.8 · EPSS 0.01079
Exploits 4 · References 1
NVD
added 2023/11/13 10:15 p.m. · 27 views

CVE-2023-46015

Cross Site Scripting XSS vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL...

CVSS 6.1 · EPSS 0.00471
Exploits 3 · References 1
Cvelist
added 2023/11/13 12:0 a.m. · 28 views

CVE-2023-46015

Cross Site Scripting XSS vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL...

AI score 6.2 · EPSS 0.00471
Exploits 3 · References 1
NVD
added 2023/11/10 3:15 p.m. · 8 views

CVE-2023-6075

A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file index.php of the component Reservation Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack...

CVSS 6.1 · EPSS 0.00491
Exploits 0 · References 2
Veracode
added 2023/11/09 6:35 a.m. · 21 views

Improper Authorization

prestashop/blockreassurance is vulnerable to Improper Authorization. The vulnerability arises due to a lack of validation during an image file check. While adding a block, an attacker can potentially enter the path of any file in the project instead of the image. When deleting the block, the file...

CVSS 8.1 · AI score 7 · EPSS 0.00771
Exploits 0 · References 6 · Affected Software 1
Cvelist
added 2023/11/07 8:37 p.m. · 26 views

CVE-2023-46679 Online Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtunameemail' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 9.8 · AI score 10 · EPSS 0.00831
Exploits 1 · References 2
OSV
added 2023/11/03 12:15 p.m. · 3 views

CVE-2023-4592

A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an...

CVSS 6.1 · AI score 5.7 · EPSS 0.00424
Exploits 0 · References 1
NVD
added 2023/11/03 12:15 p.m. · 14 views

CVE-2023-4592

A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an...

CVSS 6.1 · AI score 6 · EPSS 0.00424
Exploits 0 · References 1
NVD
added 2023/11/02 7:15 p.m. · 10 views

CVE-2023-5923

A vulnerability classified as critical has been found in Campcodes Simple Student Information System 1.0. This affects an unknown part of the file /admin/index.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The...

CVSS 7.5 · AI score 6.6 · EPSS 0.00533
Exploits 1 · References 3
Prion
added 2023/11/01 7:15 p.m. · 16 views

SQL injection

SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component...

CVSS 7.5 · AI score 9.7 · EPSS 0.01163
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2023/11/01 12:0 a.m. · 12 views

CVE-2023-46482

SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component...

AI score 8.6 · EPSS 0.01163
Exploits 1 · References 1
OSV
added 2023/10/26 6:15 p.m. · 4 views

CVE-2023-5794

A vulnerability was found in PHPGurukul Online Railway Catering System 1.0. It has been classified as critical. Affected is an unknown function of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. It is possible to launch the attack...

CVSS 9.8 · AI score 5.7
Exploits 0 · References 3
Cvelist
added 2023/10/26 5:0 p.m. · 25 views

CVE-2023-5794 PHPGurukul Online Railway Catering System Login index.php sql injection

A vulnerability was found in PHPGurukul Online Railway Catering System 1.0. It has been classified as critical. Affected is an unknown function of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. It is possible to launch the attack...

CVSS 7.5 · AI score 10 · EPSS 0.00711
Exploits 1 · References 3
Positive Technologies
added 2023/10/26 12:0 a.m. · 4 views

PT-2023-32332 · Unknown · Phpgurukul Online Railway Catering System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Railway Catering System version 1.0 Description: A critical issue was found in the Login component of the PHPGurukul Online Railway Catering System. The manipulation of the username argument leads to SQL injection. This issu...

CVSS 9.8 · AI score 8 · EPSS 0.00711
Exploits 1 · References 8