981 matches found

Prion
added 2023/02/18 9:15 a.m. · 11 views

Sql injection

A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file viewprod.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...

6.5 CVSS · 9.7 AI score · 0.00179 EPSS
Exploits 0 · References 2 · Affected Software 1

Positive Technologies
added 2023/02/18 12:0 a.m. · 3 views

PT-2023-16612 · Sourcecodester · Sourcecodester Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A critical issue has been found in the GET Parameter Handler component of the view prod.php file, where the manipulation of the ID argument leads to sql injection. This issu...

9.8 CVSS · 7.5 AI score · 0.00179 EPSS
Exploits 0 · References 4

Positive Technologies
added 2023/02/18 12:0 a.m. · 1 views

PT-2023-16608 · Unknown · Sourcecodester Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A critical issue was found in the function delete category of the file ajax.php of the component POST Parameter Handler, leading to missing authentication. The attack can be...

9.8 CVSS · 7 AI score · 0.00232 EPSS
Exploits 0 · References 4

VulnCheck KEV
added 2023/02/15 12:0 a.m. · 0 views

VulnCheck KEV: CVE-2022-4257

A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The attack may be...

9.8 CVSS · 7 AI score · 0.01923 EPSS
Exploits 1 · References 1

NVD
added 2023/01/26 9:18 p.m. · 12 views

CVE-2023-0516

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file user/forgetpassword.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. The...

7.2 CVSS · 6.5 AI score · 0.00376 EPSS
Exploits 1 · References 3

Prion
added 2023/01/26 9:18 p.m. · 15 views

Sql injection

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/forgetpassword.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. T...

5.2 CVSS · 7.3 AI score · 0.00376 EPSS
Exploits 1 · References 3 · Affected Software 1

Prion
added 2023/01/26 9:18 p.m. · 21 views

Sql injection

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file user/forgetpassword.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. The...

5.2 CVSS · 7.3 AI score · 0.00376 EPSS
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/01/26 4:58 p.m. · 11 views

CVE-2023-0516 SourceCodester Online Tours & Travels Management System Parameter forget_password.php sql injection

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file user/forgetpassword.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. The...

5.5 CVSS · 7.5 AI score · 0.00376 EPSS
Exploits 1 · References 3

Positive Technologies
added 2023/01/26 12:0 a.m. · 2 views

PT-2023-16325 · Sourcecodester · Sourcecodester Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue was found in the Parameter Handler component of the file user/forget password.php, where the manipulation of the email argument leads to sql...

7.2 CVSS · 6.1 AI score · 0.00376 EPSS
Exploits 1 · References 5

NVD
added 2023/01/13 10:15 a.m. · 10 views

CVE-2023-0283

A vulnerability classified as critical has been found in SourceCodester Online Flight Booking Management System. This affects an unknown part of the file reviewsearch.php of the component POST Parameter Handler. The manipulation of the argument txtsearch leads to sql injection. It is possible to...

9.8 CVSS · 7.4 AI score · 0.00346 EPSS
Exploits 1 · References 3

CVE
added 2023/01/13 9:20 a.m. · 47 views

CVE-2023-0283

CVE-2023-0283 : A SQL injection vulnerability exists in SourceCodester Online Flight Booking Management System, in the file review_search.php within the POST Parameter Handler component. An attacker can manipulate the txtsearch argument to trigger the injection, with remote attack possible and pu...

9.8 CVSS · 8.3 AI score · 0.00346 EPSS
Exploits 1 · References 3 · Affected Software 1

OSV
added 2023/01/07 12:30 p.m. · 15 views

GHSA-P33Q-4H4M-J994 Inline SVG vulnerable to Cross-site Scripting

A vulnerability has been found in jamesmartin Inline SVG up to 1.7.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file lib/inlinesvg/actionview/helpers.rb of the component URL Parameter Handler. The manipulation of the argument filename leads to...

6.1 CVSS · 6 AI score · 0.00661 EPSS
Exploits 0 · References 8

GitHub Security Blog
added 2023/01/07 12:30 p.m. · 32 views

Inline SVG vulnerable to Cross-site Scripting

A vulnerability has been found in jamesmartin Inline SVG up to 1.7.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file lib/inlinesvg/actionview/helpers.rb of the component URL Parameter Handler. The manipulation of the argument filename leads to...

6.1 CVSS · 6 AI score · 0.00661 EPSS
Exploits 0 · References 8 · Affected Software 1

OSV
added 2023/01/07 10:15 a.m. · 18 views

CVE-2020-36644

A vulnerability has been found in jamesmartin Inline SVG up to 1.7.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file lib/inlinesvg/actionview/helpers.rb of the component URL Parameter Handler. The manipulation of the argument filename leads to...

6.1 CVSS · 6.1 AI score
Exploits 0 · References 5

CVE
added 2023/01/07 9:2 a.m. · 61 views

CVE-2020-36644

Inline SVG by jamesmartin is affected up to version 1.7.1. The vulnerability resides in the URL Parameter Handler, specifically lib/inline_svg/action_view/helpers.rb, where manipulating the filename argument can trigger cross-site scripting. It can be exploited remotely. Upgrading to version 1.7....

6.1 CVSS · 4.8 AI score · 0.00661 EPSS
Exploits 0 · References 5 · Affected Software 1

RubySec
added 2023/01/07 12:0 a.m. · 13 views

Inline SVG vulnerable to Cross-site Scripting

A vulnerability has been found in jamesmartin Inline SVG up to 1.7.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file lib/inlinesvg/actionview/helpers.rb of the component URL Parameter Handler. The manipulation of the argument filename leads to...

6.1 CVSS · 1.4 AI score · 0.00661 EPSS
Exploits 0 · References 1 · Affected Software 1

NVD
added 2023/01/05 9:15 a.m. · 9 views

CVE-2022-4869

A vulnerability was found in Evolution Events Artaxerxes. It has been declared as problematic. This vulnerability affects unknown code of the file arta/common/middleware.py of the component POST Parameter Handler. The manipulation of the argument password leads to information disclosure. The atta...

7.5 CVSS · 5.1 AI score · 0.00326 EPSS
Exploits 0 · References 3

OSV
added 2023/01/05 9:15 a.m. · 13 views

CVE-2022-4869

A vulnerability was found in Evolution Events Artaxerxes. It has been declared as problematic. This vulnerability affects unknown code of the file arta/common/middleware.py of the component POST Parameter Handler. The manipulation of the argument password leads to information disclosure. The atta...

7.5 CVSS · 6.9 AI score
Exploits 0 · References 3

Prion
added 2023/01/05 9:15 a.m. · 19 views

Information disclosure

A vulnerability was found in Evolution Events Artaxerxes. It has been declared as problematic. This vulnerability affects unknown code of the file arta/common/middleware.py of the component POST Parameter Handler. The manipulation of the argument password leads to information disclosure. The atta...

5 CVSS · 7.5 AI score · 0.00326 EPSS
Exploits 0 · References 3 · Affected Software 1

CVE
added 2023/01/05 8:4 a.m. · 41 views

CVE-2022-4869

CVE-2022-4869 affects Evolution Events Artaxerxes, specifically the POST Parameter Handler component in the file arta/common/middleware.py. The issue is described as the manipulation of the password argument that leads to information disclosure, with the attack noted as remote. The available conn...

7.5 CVSS · 5.7 AI score · 0.00326 EPSS
Exploits 0 · References 3 · Affected Software 1