Lucene search
K

74 matches found

CVE
CVE
added 2023/09/25 3:31 p.m.85 views

CVE-2023-0626

CVE-2023-0626 affects Docker Desktop prior to 4.12.0, where an RCE vulnerability exists via query parameters in the message-box route. Root cause is an insecure handling of query parameters in the message-box endpoint, leading to remote code execution with high impact on confidentiality, integrit...

9.8CVSS8.3AI score0.00739EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/05/27 12:0 a.m.14 views

Docker Desktop 代码注入漏洞

Docker Desktop is a container technology-based desktop software for lightweight deployment of applications from the U.S. company Docker. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...

9.8CVSS9.1AI score0.00739EPSS
Exploits0References3
CNVD
CNVD
added 2023/02/09 12:0 a.m.45 views

Forget Heart Message Box SQL Injection Vulnerability (CNVD-2023-08089)

Forget Heart Message Box is a message site. v1.1 of Forget Heart Message Box contains a security vulnerability that originates from a SQL injection vulnerability found through the name parameter in /admin/loginpost.php. No detailed vulnerability details are available at this time...

9.8CVSS1.2AI score0.00741EPSS
Exploits1References1
CNVD
CNVD
added 2023/02/07 12:0 a.m.34 views

Forget Heart Message Box SQL Injection Vulnerability

Forget Heart Message Box is a messaging website. v1.1 of Forget Heart Message Box is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the name parameter of ca.php. An attacker could use this vulnerability to execute illegal SQL commands to ste...

8.8CVSS2.2AI score0.0072EPSS
Exploits1References1
NVD
NVD
added 2023/02/01 12:15 a.m.43 views

CVE-2023-24956

Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /cha.php...

8.8CVSS9AI score0.0072EPSS
Exploits1References1
NVD
NVD
added 2023/02/01 12:15 a.m.15 views

CVE-2023-24241

Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/loginpost.php...

9.8CVSS9.8AI score0.00741EPSS
Exploits1References1
Prion
Prion
added 2023/02/01 12:15 a.m.14 views

Sql injection

Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/loginpost.php...

7.5CVSS9.8AI score0.00741EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/01/31 12:0 a.m.19 views

CVE-2023-24956

Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /cha.php...

9.2AI score0.0072EPSS
Exploits1References1
CVE
CVE
added 2023/01/31 12:0 a.m.75 views

CVE-2023-24956

Forget Heart Message Box v1.1 has a SQL injection vulnerability in the name parameter of the /cha.php endpoint. The issue is publicly described across multiple sources (CNVD, CNNVD, NVD, Red Hat, OSV, etc.) with CVSS v3.1 base score 8.8 (HIGH) and impact to confidentiality, integrity, and availab...

8.8CVSS8.9AI score0.0072EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/01/31 12:0 a.m.16 views

CVE-2023-24241

Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/loginpost.php...

10AI score0.00741EPSS
Exploits1References1
CVE
CVE
added 2023/01/31 12:0 a.m.54 views

CVE-2023-24241

ForForget Heart Message Box v1.1, a SQL injection vulnerability exists in the admin/loginpost.php endpoint, exploitable via the name parameter. The CVE entry and multiple connected sources consistently describe this issue without detailing a fix. The associated CVSS v3.1 data indicate a critical ...

9.8CVSS9.8AI score0.00741EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.4 views

PT-2023-19495 · Unknown · Forget Heart Message Box

Name of the Vulnerable Software and Affected Versions: Forget Heart Message Box version 1.1 Description: A SQL injection issue was discovered via the name parameter at the "/admin/loginpost.php" API endpoint. This allows for potential exploitation. No information is available regarding the...

9.8CVSS9.7AI score0.00741EPSS
Exploits1References4
OSV
OSV
added 2023/01/31 12:0 a.m.15 views

CVE-2023-24241

Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/loginpost.php...

9.8CVSS8.2AI score0.00741EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/01/31 12:0 a.m.8 views

CVE-2023-24241

Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/loginpost.php...

9.8AI score0.00741EPSS
Exploits1References1
OSV
OSV
added 2023/01/31 12:0 a.m.10 views

CVE-2023-24956

Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /cha.php...

8.8CVSS8.2AI score0.0072EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.3 views

PT-2023-19838 · Unknown · Forget Heart Message Box

Name of the Vulnerable Software and Affected Versions: Forget Heart Message Box version 1.1 Description: A SQL injection issue was discovered in Forget Heart Message Box via the name parameter at the "/cha.php" API endpoint. Recommendations: For Forget Heart Message Box version 1.1, consider...

8.8CVSS9AI score0.0072EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.5 views

Product Show Room Site 安全漏洞

Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to cross-site scripting, which stems from the fact that entering a special string into the Message text box leads to cross-site scripting. No details of t...

4.8CVSS4.7AI score0.00586EPSS
Exploits0References3
NVD
NVD
added 2021/07/19 1:15 p.m.21 views

CVE-2021-3279

sz.chat version 4 allows injection of web scripts and HTML in the message box...

6.1CVSS0.00839EPSS
Exploits1References2
OSV
OSV
added 2021/07/19 1:15 p.m.2 views

CVE-2021-3279

sz.chat version 4 allows injection of web scripts and HTML in the message box...

6.1CVSS5.8AI score0.00839EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/07/19 12:5 p.m.25 views

CVE-2021-3279

sz.chat version 4 allows injection of web scripts and HTML in the message box...

6.7AI score0.00839EPSS
Exploits1References2
Rows per page
Query Builder