Lucene search
K

267 matches found

Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.4 views

PT-2026-31726

Name of the Vulnerable Software and Affected Versions WordPress adivaha Travel Plugin version 2.3 Description The adivaha Travel Plugin for WordPress version 2.3 contains a time-based blind SQL injection vulnerability. Unauthenticated attackers can manipulate database queries by injecting SQL cod...

8.8CVSS5.8AI score0.00269EPSS
Exploits0References8
NVD
NVD
added 2026/04/08 7:24 p.m.4 views

CVE-2025-50657

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint...

7.5CVSS0.00516EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/08 12:0 a.m.3 views

CVE-2025-50657

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint...

6AI score0.00516EPSS
Exploits0References3
CVE
CVE
added 2026/04/08 12:0 a.m.12 views

CVE-2025-50657

The CVE-2025-50657 entry concerns D-Link DI-8003 router firmware (16.07.26A1). The concrete issue is a buffer overflow caused by improper handling of the pid parameter in the /trace.asp endpoint. Descriptions across CNVD, RH, EUVD, NVD and CVE records consistently indicate this vulnerability can ...

7.5CVSS6.2AI score0.00516EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.3 views

PT-2026-31381

CVE-2025-50657 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint. https://t.co/1WRVJZ8huB...

7.5CVSS6AI score0.00516EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

D-Link DI-8003 安全漏洞

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. The D-Link DI-8003 suffers from a buffer overflow vulnerability that originates from improper handling of the pid parameter in the /trace.asp endpoint, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6AI score0.00516EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/05 9:30 a.m.3 views

EUVD-2026-19052

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

6.5CVSS5.7AI score0.00246EPSS
Exploits0References6
NVD
NVD
added 2026/04/05 9:16 a.m.2 views

CVE-2026-5552

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

6.5CVSS0.00246EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/05 8:30 a.m.3 views

CVE-2026-5552 PHPGurukul Online Shopping Portal Project Parameter sub-category.php sql injection

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 8:30 a.m.2 views

CVE-2026-5552

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

6.5CVSS5.7AI score0.00246EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/05 8:30 a.m.10 views

CVE-2026-5552

CVE-2026-5552 concerns a SQL injection in PHPGurukul Online Shopping Portal Project 2.1. The issue is tied to the Parameter Handler component, specifically the file /sub-category.php where manipulation of the pid argument enables SQL injection. Remote exploitation is described as possible, and pu...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

PHPGurukul Online Shopping Portal Project SQL注入漏洞

The PHPGurukul Online Shopping Portal Project is an online shopping portal project of PHPGurukul Corporation. Version 2.1 of the PHPGurukul Online Shopping Portal Project has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “pid” in the...

6.5CVSS6.7AI score0.00246EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/02/23 1:30 p.m.4 views

CVE-2019-25446

DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. Attackers can send POST requests to /korisnikinfo.php with malicious SQL syntax in these...

8.8CVSS5.8AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/02/22 2:16 p.m.6 views

CVE-2019-25446

DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. Attackers can send POST requests to /korisnikinfo.php with malicious SQL syntax in these...

8.8CVSS0.00232EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/22 1:18 p.m.27 views

CVE-2019-25446 DIGIT CENTRIS ERP Every version SQL Injection via datum1 Parameter

DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. Attackers can send POST requests to /korisnikinfo.php with malicious SQL syntax in these...

8.8CVSS0.00232EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/22 1:18 p.m.6 views

CVE-2019-25446

DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. Attackers can send POST requests to /korisnikinfo.php with malicious SQL syntax in these...

8.8CVSS6AI score0.00232EPSS
Exploits0References2
CVE
CVE
added 2026/02/22 1:18 p.m.11 views

CVE-2019-25446

CVE-2019-25446 affects DIGIT CENTRIS ERP with an SQL injection in the datum1, datum2, KID, and PID parameters. An unauthenticated attacker can send POST requests to /korisnikinfo.php containing malicious SQL to extract or modify sensitive data. Connected documents provide concrete details on vuln...

8.8CVSS6AI score0.00232EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/22 12:0 a.m.10 views

DIGIT CENTRIS ERP SQL注入漏洞

DIGIT CENTRIS ERP is an enterprise resource planning system developed by DIGIT Corporation. DIGIT CENTRIS ERP has a SQL injection vulnerability. This vulnerability stems from the SQL injections in the datum1, datum2, KID, and PID parameters, which may allow unverified attackers to manipulate...

8.8CVSS5.8AI score0.00232EPSS
Exploits0References2
NVD
NVD
added 2026/02/03 10:16 p.m.7 views

CVE-2020-37081

Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...

7.1CVSS0.00198EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/29 3:26 a.m.7 views

CVE-2025-67645

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a broken access control in the Profile Edit endpoint. An authenticated normal user can modify the request parameters pubpid / pid to reference another user’s recor...

8.8CVSS5.9AI score0.00333EPSS
Exploits1References1
Rows per page
Query Builder