CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

WordPress IWS Geo Form Fields <=1.0 - SQL Injection

WordPress IWS Geo Form Fields plugin through 1.0 contains a SQL injection vulnerability. The plugin does not properly escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users. An attacker can possibly obtain sensitive information, modify data,...

9.8CVSS8.1AI score0.60813EPSS

Exploits1References5

NVD•added 2023/09/12 8:15 p.m.•9 views

CVE-2023-21520

A PII Enumeration via Credential Recovery in the Self Service Credential Recovery of BlackBerry AtHoc version 7.15 could allow an attacker to potentially associate a list of contact details with an AtHoc IWS organization...

5.3CVSS5.2AI score0.0022EPSS

Exploits0References1

NVD•added 2022/12/26 1:15 p.m.•10 views

CVE-2022-4117

The IWS WordPress plugin through 1.0 does not properly escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...

9.8CVSS0.60813EPSS

Exploits1References1

Cvelist•added 2022/12/26 12:28 p.m.•15 views

CVE-2022-4117 IWS - Geo Form Fields <= 1.0 - Unauthenticated SQLi

10AI score0.60813EPSS

Exploits1References1

CVE•added 2022/12/26 12:28 p.m.•96 views

CVE-2022-4117

The CVE-2022-4117 issue affects the WordPress IWS Geo Form Fields plugin (versions up to 1.0). The root cause is improper escaping of a parameter used in a SQL statement within an unauthenticated AJAX action, enabling unauthenticated SQL injection. The Nuclei/template and related sources describe...

9.8CVSS9.9AI score0.60813EPSS

In wildExploits1References1Affected Software1

Vulnrichment•added 2022/12/26 12:28 p.m.•4 views

CVE-2022-4117 IWS - Geo Form Fields <= 1.0 - Unauthenticated SQLi

7.7AI score0.60813EPSS

Exploits1References1

CNNVD•added 2022/12/26 12:0 a.m.•1 views

WordPress Plugin IWS SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

9.8CVSS8.5AI score0.60813EPSS

Exploits1References2

Positive Technologies•added 2022/12/26 12:0 a.m.•2 views

PT-2022-25692 · WordPress · Iws Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: IWS WordPress plugin version 1.0 Description: The issue arises from the improper escaping of a parameter before its use in a SQL statement via an AJAX action. This AJAX action is available to unauthenticated users, leading to an unauthenticat...

9.8CVSS9.8AI score0.60813EPSS

Exploits1References3

Openbugbounty•added 2022/06/13 9:41 a.m.•15 views

iws-westsachsen.de Cross Site Scripting vulnerability OBB-2649064

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

Tenable Nessus•added 2007/10/03 12:0 a.m.•14 views

HP-UX Security Patch : PHSS_35306

Virtualvault 4.5 IWS Update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26861; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•17 views

HP-UX Security Patch : PHSS_35105

Virtualvault 4.6 IWS update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26851; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7.1AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•9 views

HP-UX Security Patch : PHSS_35308

Virtualvault 4.7 IWS update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26863; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7.1AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•10 views

HP-UX Security Patch : PHSS_35554

Virtualvault 4.6 IWS update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26869; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7.1AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•15 views

HP-UX Security Patch : PHSS_35307

Virtualvault 4.6 IWS update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26862; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7.1AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•16 views

HP-UX Security Patch : PHSS_32139

Virtualvault 4.6 IWS update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26744; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7.1AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•16 views

HP-UX Security Patch : PHSS_35106

Virtualvault 4.7 IWS update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26852; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7.1AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•10 views

HP-UX Security Patch : PHSS_35555

Virtualvault 4.7 IWS update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26870; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7.1AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•10 views

HP-UX Security Patch : PHSS_28684

Virtualvault 4.6 IWS update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26667; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7.1AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•14 views

HP-UX Security Patch : PHSS_35104

Virtualvault 4.5 IWS Update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26850; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7AI score

Exploits0References1

Tenable Nessus•added 2007/10/03 12:0 a.m.•14 views

HP-UX Security Patch : PHSS_28521

Virtualvault 4.5 IWS Update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26662; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

7AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by