975648 matches found
NileBank-Vulnerable-App
NileBank - Web Pen Testing Project A realistic bank web appli...
CVE-2026-49380
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible...
CVE-2026-49380
CVE-2026-49380 : In JetBrains TeamCity (before 2026.1), the SAML plugin allows an open redirect. Affected product: JetBrains TeamCity with the SAML plugin; root cause: improper redirection handling in the SAML plugin leading to open redirect. Impact: potential user redirection to arbitrary URL. R...
EUVD-2026-33388
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible...
CVE-2026-49380
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible...
CVE-2026-49380
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible...
CVE-2026-49380
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible...
CVE-2018-25404
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ticketid parameter. Attackers can send GET requests to addfacnote.php with crafted SQL payloads to extract sensitive...
CVE-2018-25398
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the frmpasswd parameter. Attackers can send POST requests to main.php with crafted SQL payloads to extract sensitive...
CVE-2018-25401
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attackers can send GET requests to severgraph.php with crafted SQL payloads to extract sensitive databas...
CVE-2018-25400
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the ajax/formpost.php endpoint with crafted SQL payloads to extract...
CVE-2018-25402
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attackers can send GET requests to inctypesgraph.php with crafted SQL payloads to extract sensitive...
EUVD-2018-21926
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ticketid parameter. Attackers can send GET requests to addfacnote.php with crafted SQL payloads to extract sensitive...
CVE-2018-25404 The Open ISES Project 3.30A SQL Injection via add_facnote.php
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ticketid parameter. Attackers can send GET requests to addfacnote.php with crafted SQL payloads to extract sensitive...
CVE-2018-25404
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ticketid parameter. Attackers can send GET requests to addfacnote.php with crafted SQL payloads to extract sensitive...
CVE-2018-25404 The Open ISES Project 3.30A SQL Injection via add_facnote.php
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ticketid parameter. Attackers can send GET requests to addfacnote.php with crafted SQL payloads to extract sensitive...
CVE-2018-25404
The Open ISES Project 3.30A is affected by an SQL injection in add_facnote.php accessed via the ticket_id parameter. Unauthenticated attackers can send crafted GET requests to extract sensitive data (e.g., database version/details), exposing confidentiality and potentially other data. The vulnera...
CVE-2018-25403 The Open ISES Project 3.30A SQL Injection via city_graph.php
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attackers can send GET requests to citygraph.php with crafted SQL payloads to extract sensitive database...
CVE-2018-25403
The CVE-2018-25403 entry affects The Open ISES Project 3.30A. The vulnerability is a SQL injection in city_graph.php reachable via the p1 parameter, allowing unauthenticated attackers to send crafted GET requests to extract sensitive database information (including schema names). The underlying c...
CVE-2018-25402
CVE-2018-25402 affects Open ISES Project 3.30A. A SQL injection flaw in inc_types_graph.php via the p1 parameter allows unauthenticated remote attackers to execute arbitrary SQL and extract sensitive DB information (schema names, data). The CVE is associated with high-severity metrics (CVSS 3.1/4...