Lucene search
K

619 matches found

Nuclei
Nuclei
added 5 days ago129 views

Dahua Smart Park Management - Arbitrary File Upload

Dahua wisdom park integrated management platform is a comprehensive management platform, a park operations,resource allocation, and intelligence services,and other functions, including/emap/devicePointaddImgIco?. id: CVE-2023-3836 info: name: Dahua Smart Park Management - Arbitrary File Upload...

9.8CVSS6.7AI score0.73525EPSS
Exploits2References5
NVD
NVD
added 2026/06/09 1:16 p.m.14 views

CVE-2017-20243

WordPress Car Park Booking Plugin version 13 October 17 contains a time-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the spaceid parameter. Attackers can send GET requests to the booking-page endpoint with...

8.8CVSS0.00262EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 11:48 a.m.25 views

CVE-2017-20243 WordPress Car Park Booking Plugin SQL Injection via space_id

WordPress Car Park Booking Plugin version 13 October 17 contains a time-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the spaceid parameter. Attackers can send GET requests to the booking-page endpoint with...

8.8CVSS0.00262EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 11:48 a.m.8 views

EUVD-2017-18969

WordPress Car Park Booking Plugin version 13 October 17 contains a time-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the spaceid parameter. Attackers can send GET requests to the booking-page endpoint with...

8.8CVSS5.7AI score0.00262EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 11:48 a.m.9 views

CVE-2017-20243 WordPress Car Park Booking Plugin SQL Injection via space_id

WordPress Car Park Booking Plugin version 13 October 17 contains a time-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the spaceid parameter. Attackers can send GET requests to the booking-page endpoint with...

8.8CVSS5.7AI score0.00262EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-47766

WordPress Car Park Booking Plugin version 13 October 17 contains a time-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the space id parameter. Attackers can send GET requests to the booking-page endpoint with...

8.8CVSS5.7AI score0.00262EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.8 views

WordPress plugin Car Park Booking Plugin 13 October SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.10 views

CVE-2026-37345

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/managepark.php...

9.8CVSS5.7AI score0.00346EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/26 6:54 a.m.8 views

WordPress Realtyna Organic IDX plugin plugin <= 5.1.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by ParkHyunWoo in WordPress Plugin Realtyna Organic IDX plugin versions = 5.1.0...

5.9AI score0.00291EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/05/14 12:24 p.m.56 views

CVE-2026-6008 IDOR in Im Park's DijiDemi

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

6.8CVSS0.00219EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.11 views

Im Park DijiDemi 安全漏洞

Im Park DijiDemi is an educational software developed by Im Park Company in Turkey. Versions of Im Park DijiDemi from 4.5.12.1 to 4.5.13.0 had security vulnerabilities. These vulnerabilities were caused by authorization bypasses due to user control keys, which could lead to permission abuse...

6.8CVSS5.8AI score0.00219EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 3:16 p.m.4 views

CVE-2026-31656

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intelengineparkheartbeat A use-after-free / refcount underflow is possible when the heartbeat worker and intelengineparkheartbeat race to release the same engine-heartbeat.systole request. T...

7.8CVSS0.00117EPSS
Exploits0References8
OSV
OSV
added 2026/04/24 3:16 p.m.5 views

DEBIAN-CVE-2026-31656

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intelengineparkheartbeat A use-after-free / refcount underflow is possible when the heartbeat worker and intelengineparkheartbeat race to release the same engine-heartbeat.systole request. T...

7.8CVSS5.4AI score0.00117EPSS
Exploits0References1
CVE
CVE
added 2026/04/24 2:45 p.m.22 views

CVE-2026-31656

The CVE-2026-31656 issue affects the Linux kernel in the drm/i915/gt path, where a race between the heartbeat worker and intel_engine_park_heartbeat() can cause a refcount underflow and potential use-after-free of engine-&gt;heartbeat.systole. Root cause: a non-atomic read of the pointer followed...

7.8CVSS5.5AI score0.00117EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/04/24 2:45 p.m.28 views

CVE-2026-31656 drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intelengineparkheartbeat A use-after-free / refcount underflow is possible when the heartbeat worker and intelengineparkheartbeat race to release the same engine-heartbeat.systole request. T...

7.8CVSS0.00117EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/16 3:31 p.m.7 views

EUVD-2026-23262

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/managepark.php...

9.8CVSS5.9AI score0.00346EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/16 12:0 a.m.25 views

CVE-2026-37345

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/managepark.php...

0.00346EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.5 views

PT-2026-33335

Name of the Vulnerable Software and Affected Versions SourceCodester Vehicle Parking Area Management System version 1.0 Description An issue exists in the file '/parking/manage park.php' that allows for SQL Injection, a technique where malicious SQL statements are inserted into entry fields for...

9.8CVSS6AI score0.00346EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.9 views

SourceCodester Vehicle Parking Area Management System 安全漏洞

The SourceCodester Vehicle Parking Area Management System is an open-source parking management system developed by SourceCodester. Version 1.0 of the SourceCodester Vehicle Parking Area Management System contains a security vulnerability, which stems from the file /parking/managepark.php being...

9.8CVSS5.8AI score0.00346EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/16 12:0 a.m.4 views

CVE-2026-37345

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/managepark.php...

9.8CVSS5.9AI score0.00346EPSS
Exploits0References2
Rows per page
Query Builder