Lucene search
K

19 matches found

Wolfi
Wolfi
added 2026/04/11 2:51 a.m.9 views

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: cluster-api, gitsign, gitlab-kas, helm-set-status, gitaly, harbor, kyverno, minio-object-browser, hubble, openbao, docker-credential-gcr, hubble-ui, lazydocker, grafana-pyroscope, filebrowser, sftpgo, tetragon, yunikorn-k8shim, scorecard, seaweedfs,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.12 views

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: harbor-cli, kyverno, hubble, rancher-loglevel, docker-credential-gcr, lazydocker, whereabouts, grafana-pyroscope, filebrowser, scorecard, certificate-transparency, cilium, kubewatch, consul-k8s, kuberlr, mariadb-operator, kubernetes-csi-external-resizer,...

7.5CVSS6.9AI score0.00349EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.8 views

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: aws-flb-firehose-fips, osv-scanner, kube-mgmt-fips, vendir, ipfs-cluster, nsc-fips, atlas, paranoia, prometheus-podman-exporter-fips, oras, traefik-fips, kubernetes-dashboard, spegel, trivy-operator, vault, k8ssandra-client, syncthing, trivy-fips, net-kourier,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.12 views

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: aws-flb-firehose-fips, osv-scanner, kube-mgmt-fips, vendir, ipfs-cluster, nsc-fips, atlas, paranoia, prometheus-podman-exporter-fips, oras, traefik-fips, kubernetes-dashboard, spegel, trivy-operator, vault, k8ssandra-client, syncthing, trivy-fips, net-kourier,...

5.5CVSS6.2AI score0.0029EPSS
Exploits0
NVD
NVD
added 2022/12/06 5:15 p.m.18 views

CVE-2022-45326

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

4.9CVSS0.01139EPSS
Exploits1References2
OSV
OSV
added 2022/12/06 5:15 p.m.4 views

CVE-2022-45326

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

4.9CVSS5.8AI score0.01139EPSS
Exploits1References2
Prion
Prion
added 2022/12/06 5:15 p.m.19 views

Design/Logic Flaw

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

3.3CVSS5.1AI score0.01139EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/12/06 12:0 a.m.17 views

CVE-2022-45326

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

5.4AI score0.01139EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/12/06 12:0 a.m.7 views

CVE-2022-45326

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

6.9AI score0.01139EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/06 12:0 a.m.5 views

PT-2022-27466 · Kwoksys · Kwok Information Server

Name of the Vulnerable Software and Affected Versions: Kwoksys Kwok Information Server versions prior to 2.9.5.SP31 Description: An XML external entity XXE injection issue allows remote authenticated users to conduct server-side request forgery SSRF attacks. This enables attackers to manipulate t...

4.9CVSS5AI score0.01139EPSS
Exploits1References5
CVE
CVE
added 2022/12/06 12:0 a.m.66 views

CVE-2022-45326

CVE-2022-45326 affects Kwoksys Kwok Information Server — vulnerable component: XML processing (XXE) leading to server-side request forgery (SSRF). Affected: versions before 2.9.5.SP31; root cause is an XML external entity vulnerability. Impact as described: remote authenticated users can trigger ...

4.9CVSS5AI score0.01139EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2013/10/11 9:55 p.m.16 views

CVE-2013-5028

SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server before 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the 1 hardwareType, 2 hardwareStatus, or 3 hardwareLocation parameter in a search command...

6.5CVSS7.9AI score0.01947EPSS
Exploits3References4
Prion
Prion
added 2013/10/11 9:55 p.m.12 views

Sql injection

SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server before 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the 1 hardwareType, 2 hardwareStatus, or 3 hardwareLocation parameter in a search command...

6.5CVSS8.5AI score0.01947EPSS
Exploits3References4Affected Software1
Cvelist
Cvelist
added 2013/10/11 9:0 p.m.26 views

CVE-2013-5028

SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server before 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the 1 hardwareType, 2 hardwareStatus, or 3 hardwareLocation parameter in a search command...

7.9AI score0.01947EPSS
Exploits3References4
CVE
CVE
added 2013/10/11 9:0 p.m.41 views

CVE-2013-5028

Kwoksys Kwok Information Server vulnerable to SQL injection in IT/hardware-list.dll (versions before 2.8.5). Affected component is the search command handling (hardwareType, hardwareStatus, hardwareLocation) with remote-authenticated access leading to arbitrary SQL execution. Root cause is improp...

6.5CVSS8.2AI score0.01947EPSS
Exploits3References4Affected Software1
0day.today
0day.today
added 2013/09/13 12:0 a.m.37 views

Kwok Information Server 2.7.3 / 2.8.4 SQL Injection Vulnerability

Kwok Information Server versions 2.7.3 and 2.8.4 suffer from a remote blind SQL injection vulnerability. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ || || || Advisory : Kwok Information Server Blind Sql Injection || || Affected Version : 2.7.3 & 2.8.4 || || Vendor :...

6.5CVSS7.6AI score0.01947EPSS
Exploits3
Packet Storm
Packet Storm
added 2013/09/12 12:0 a.m.57 views

Kwok Information Server 2.7.3 / 2.8.4 SQL Injection

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ || || || Advisory : Kwok Information Server Blind Sql Injection || || Affected Version : 2.7.3 & 2.8.4 || || Vendor : http://www.kwoksys.com/index.php || || Risk : Medium || || CVE-ID : 2013-5028 || || Tested on Platform : Windows...

6.5CVSS6.7AI score0.01947EPSS
Exploits3
exploitpack
exploitpack
added 2013/08/07 12:0 a.m.12 views

Kwok Information Server - Multiple SQL Injections

Kwok Information Server - Multiple SQL Injections source: https://www.securityfocus.com/bid/61728/info Kwok Information Server is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may...

8AI score
Exploits0
Exploit DB
Exploit DB
added 2013/08/07 12:0 a.m.26 views

Kwok Information Server - Multiple SQL Injections

source: https://www.securityfocus.com/bid/61728/info Kwok Information Server is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application,...

7.4AI score
Exploits0
Rows per page
Query Builder