Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

CNVD
CNVDadded 2021/04/06 12:0 a.m.5 views

Knowage SQL Injection Vulnerability

Knowage is a suite of open source tools for modern business analytics. A SQL injection vulnerability exists in the documentexecution/url analysis driver component of Knowage prior to version 7.4 when running reports. An attacker can exploit this vulnerability to execute arbitrary SQL commands on ...

8.8CVSS8.3AI score0.00569EPSS
Exploits1References1
OSV
OSVadded 2021/04/05 11:15 a.m.8 views

CVE-2021-30055

A SQL injection vulnerability in Knowage Suite version 7.1 exists in the documentexecution/url analytics driver component via the 'paryear' parameter when running a report...

8.8CVSS7.9AI score
Exploits0References1
Prion
Prionadded 2021/04/05 11:15 a.m.20 views

Sql injection

A SQL injection vulnerability in Knowage Suite version 7.1 exists in the documentexecution/url analytics driver component via the 'paryear' parameter when running a report...

6.5CVSS8.9AI score0.00569EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2021/04/05 10:45 a.m.36 views

CVE-2021-30055

CVE-2021-30055 is a SQL injection vulnerability in Knowage Suite 7.1, affecting the documentexecution/url analytics driver via the par_year parameter when generating a report. Root cause: improper handling of input in the URL analytics driver leading to SQL commands being injected. Impact: potent...

8.8CVSS8.9AI score0.00569EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder