Lucene search
+L

4 matches found

EUVD
EUVD
added 2025/12/18 9:31 p.m.5 views

EUVD-2025-204369

A SQL injection vulnerability in Kentico Xperience allows authenticated editors to inject malicious SQL queries via online marketing macro method parameters. This enables unauthorized database access and potential data manipulation by exploiting macro method input validation weaknesses...

8.8CVSS7.2AI score0.00263EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/18 7:53 p.m.8 views

CVE-2021-47711 Kentico Xperience <= 13.0.52 Online Marketing Macros SQL Injection

A SQL injection vulnerability in Kentico Xperience allows authenticated editors to inject malicious SQL queries via online marketing macro method parameters. This enables unauthorized database access and potential data manipulation by exploiting macro method input validation weaknesses...

8.8CVSS7.3AI score0.00263EPSS
Exploits0References2
CVE
CVE
added 2025/12/18 7:53 p.m.14 views

CVE-2021-47711

Kentico Xperience SQL Injection (CVE-2021-47711) affects Online Marketing Macro Method inputs in Kentico Xperience libraries. The root cause is lack of validation for externally entered SQL in macro method parameters (e.g., DidActivity/whereCondition), enabling authenticated editors to inject mal...

8.8CVSS7.3AI score0.00263EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/18 7:53 p.m.29 views

CVE-2021-47711 Kentico Xperience <= 13.0.52 Online Marketing Macros SQL Injection

A SQL injection vulnerability in Kentico Xperience allows authenticated editors to inject malicious SQL queries via online marketing macro method parameters. This enables unauthorized database access and potential data manipulation by exploiting macro method input validation weaknesses...

8.8CVSS0.00263EPSS
Exploits0References2
Rows per page
Query Builder