Lucene search
K

925 matches found

CNNVD
CNNVD
added 2022/09/07 12:0 a.m.5 views

Poetry 参数注入漏洞

Poetry is a tool for dependency management and packaging in Python. It allows you to declare the libraries your project depends on and will manage install/update them for you. A parameter injection vulnerability exists in Poetry versions prior to 1.1.9 and prior to 1.2.0b1, the vulnerability stem...

7.3CVSS7.4AI score0.01475EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/08/26 12:0 a.m.6 views

PT-2022-23550 · Unknown · Simple Task Scheduling System

Name of the Vulnerable Software and Affected Versions: Simple Task Scheduling System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/classes/Master.php?f=delete account" API endpoint. Recommendations...

9.8CVSS9.4AI score0.00891EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.5 views

Device42 参数注入漏洞

Device42, a Device42 company, provides the industry's most advanced and complete hybrid cloud discovery and dependency mapping platform. A parameter injection vulnerability exists in Device42 CMDB version 18.01.00 and earlier, which stems from a Change Secret username field used in the discovery...

9.1CVSS8.9AI score0.00786EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.2 views

mc-kill-port 参数注入漏洞

npm mc-kill-port is a package from npm USA that allows termination of ports. A security vulnerability exists in mc-kill-port, which stems from a lack of parameter cleanup. An attacker can exploit this vulnerability to execute arbitrary commands...

7.8CVSS7.7AI score0.00452EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/05 12:0 a.m.3 views

HUAWEI HarmonyOS 参数注入漏洞

HUAWEI HarmonyOS is an operating system from the Chinese company Huawei HUAWEI. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in HUAWEI HarmonyOS version 2.0, which stems from a parameter injection vulnerability in the Settings...

7.5CVSS7.4AI score0.0045EPSS
Exploits0References4
OSV
OSV
added 2022/07/20 1:15 p.m.3 views

CVE-2022-36322

In JetBrains TeamCity before 2022.04.2 build parameter injection was possible...

8.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2022/07/20 1:15 p.m.15 views

CVE-2022-36322

In JetBrains TeamCity before 2022.04.2 build parameter injection was possible...

8.8CVSS0.00566EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/20 1:15 p.m.3 views

CVE-2022-36322

In JetBrains TeamCity before 2022.04.2 build parameter injection was possible...

8.8CVSS7.4AI score0.00566EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/07/20 12:30 p.m.18 views

CVE-2022-36322

In JetBrains TeamCity before 2022.04.2 build parameter injection was possible...

5.4CVSS9.1AI score0.00566EPSS
Exploits0References1
CVE
CVE
added 2022/07/20 12:30 p.m.56 views

CVE-2022-36322

CVE-2022-36322 affects JetBrains TeamCity prior to 2022.04.2, where build parameter injection was possible via the build configuration workflow. The vulnerability lies in build parameter handling, enabling injection that could impact confidentiality, integrity, and availability as indicated by th...

8.8CVSS8.8AI score0.00566EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/07/20 12:0 a.m.3 views

JetBrains TeamCity 参数注入漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity...

8.8CVSS8AI score0.00566EPSS
Exploits0References3
OSV
OSV
added 2022/07/16 7:15 a.m.4 views

CVE-2017-20132

A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The...

9.8CVSS5.8AI score0.00719EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/07/13 12:0 a.m.2 views

codecov 参数注入漏洞

codecov is a specialized code coverage solution open-sourced by codecov. A security vulnerability exists in codecov versions prior to 2.0.16, which stems from not cleaning up the gcov parameter before supplying it to the popen method...

6.5CVSS6.5AI score0.00991EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/07/01 12:0 a.m.31 views

git-clone 参数注入漏洞

git-clone is a repository for cloning git repositories developed by Jason Frame in the UK. A parameter injection vulnerability exists in git-clone, which stems from an unsafe use of git's --upload-pack feature, which makes all versions of the package git-clone vulnerable to command injection...

10CVSS8.3AI score0.03227EPSS
Exploits1References3
CNVD
CNVD
added 2022/06/30 12:0 a.m.39 views

LDAP Account Manager Parameter Injection Vulnerability

LDAP Account Manager is a web front-end for managing entries e.g., users, groups, DHCP settings stored in the LDAP directory. LDAP Account Manager LAM versions prior to 8.0 are vulnerable to parameter injection, which stems from the fact that LAM instantiates objects from arbitrary classes and ca...

9CVSS6.1AI score0.02346EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/27 12:0 a.m.5 views

LDAP Account Manager 参数注入漏洞

LDAP Account Manager is a web front-end for managing entries e.g., users, groups, DHCP settings stored in the LDAP directory. LDAP Account Manager LAM versions prior to 8.0 are vulnerable to parameter injection, which stems from the fact that LAM instantiates objects from arbitrary classes and ca...

9CVSS6AI score0.02346EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2022/06/17 4:15 p.m.4 views

CVE-2022-32442

u5cms version 8.3.5 is vulnerable to Cross Site Scripting XSS. When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl 96502%27bad=", it can cause html injection...

6.1CVSS6.4AI score0.00726EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2022/06/16 7:51 p.m.494 views

Exploit for CVE-2022-31749

Hook Hook exploits a parameter injection vulnerability in the...

6.5CVSS8.8AI score0.01242EPSS
Exploits2
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.4 views

Open Forms 输入验证错误漏洞

Open Forms is Open Formulieren open source an intelligent dynamic form . Used to quickly create a powerful and intelligent forms exposed through the API . A security vulnerability exists in Open Forms versions prior to 1.0.9 and 1.1.1. An attacker could exploit this vulnerability by injecting a...

7.1CVSS6.3AI score0.00667EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/06/10 12:0 a.m.2 views

git-promise 参数注入漏洞

git-promise is a simple wrapper. Run any git command with a more intuitive syntax. A parameter injection vulnerability exists in all versions of git-promise due to the use of space-splitting in the logic used to separate command parameters in pull requests...

9.8CVSS8.4AI score0.03037EPSS
Exploits1References3
Rows per page
Query Builder