Lucene search
K

1684 matches found

NVD
NVD
added 2026/04/09 9:16 p.m.12 views

CVE-2023-54359

WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Attackers can send requests to the /mobile-app/v3/ endpoint with crafted 'pid'...

8.8CVSS0.00269EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/09 8:54 p.m.17 views

CVE-2023-54359 WordPress adivaha Travel Plugin 2.3 SQL Injection via pid

WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Attackers can send requests to the /mobile-app/v3/ endpoint with crafted 'pid'...

8.8CVSS0.00269EPSS
Exploits0References4
CVE
CVE
added 2026/04/09 8:54 p.m.14 views

CVE-2023-54359

The affected product is WordPress adivaha Travel Plugin 2.3. The vulnerability is a time-based blind SQL injection in the pid parameter, exploitable via the /mobile-app/v3/ endpoint, allowing unauthenticated attackers to manipulate queries and potentially extract sensitive data. The description n...

8.8CVSS6AI score0.00269EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.4 views

PT-2026-31726

Name of the Vulnerable Software and Affected Versions WordPress adivaha Travel Plugin version 2.3 Description The adivaha Travel Plugin for WordPress version 2.3 contains a time-based blind SQL injection vulnerability. Unauthenticated attackers can manipulate database queries by injecting SQL cod...

8.8CVSS5.8AI score0.00269EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/08 9:33 p.m.9 views

EUVD-2025-209339

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint...

6.2AI score0.00516EPSS
Exploits0References3
NVD
NVD
added 2026/04/08 7:24 p.m.4 views

CVE-2025-50657

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint...

7.5CVSS0.00516EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

D-Link DI-8003 安全漏洞

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. The D-Link DI-8003 suffers from a buffer overflow vulnerability that originates from improper handling of the pid parameter in the /trace.asp endpoint, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6AI score0.00516EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.3 views

PT-2026-31381

CVE-2025-50657 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint. https://t.co/1WRVJZ8huB...

7.5CVSS6AI score0.00516EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/08 12:0 a.m.3 views

CVE-2025-50657

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint...

6AI score0.00516EPSS
Exploits0References3
CVE
CVE
added 2026/04/08 12:0 a.m.13 views

CVE-2025-50657

The CVE-2025-50657 entry concerns D-Link DI-8003 router firmware (16.07.26A1). The concrete issue is a buffer overflow caused by improper handling of the pid parameter in the /trace.asp endpoint. Descriptions across CNVD, RH, EUVD, NVD and CVE records consistently indicate this vulnerability can ...

7.5CVSS6.2AI score0.00516EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.7 views

CVE-2026-5552

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/05 9:30 a.m.4 views

EUVD-2026-19052

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

6.5CVSS5.7AI score0.00246EPSS
Exploits0References6
NVD
NVD
added 2026/04/05 9:16 a.m.4 views

CVE-2026-5552

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

6.5CVSS0.00246EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/05 8:30 a.m.4 views

CVE-2026-5552 PHPGurukul Online Shopping Portal Project Parameter sub-category.php sql injection

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 8:30 a.m.2 views

CVE-2026-5552

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible...

6.5CVSS5.7AI score0.00246EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/05 8:30 a.m.10 views

CVE-2026-5552

CVE-2026-5552 concerns a SQL injection in PHPGurukul Online Shopping Portal Project 2.1. The issue is tied to the Parameter Handler component, specifically the file /sub-category.php where manipulation of the pid argument enables SQL injection. Remote exploitation is described as possible, and pu...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

PHPGurukul Online Shopping Portal Project SQL注入漏洞

The PHPGurukul Online Shopping Portal Project is an online shopping portal project of PHPGurukul Corporation. Version 2.1 of the PHPGurukul Online Shopping Portal Project has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “pid” in the...

6.5CVSS6.7AI score0.00246EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.29 views

EulerOS Virtualization 2.12.0 : kernel (EulerOS-SA-2026-1490)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork.CVE-2025-39913 md: fix rcu protection in...

7.8CVSS6.7AI score0.08555EPSS
Exploits24References497
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.14 views

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-1537)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : media: v4l2-mem2mem: add lock to protect parameter numrdyCVE-2023-53519 md: Replace snprintf with scnprintfCVE-2022-50299 mm/vmscan...

7.8CVSS7.6AI score0.00519EPSS
Exploits3References99
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.22 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1366)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork.CVE-2025-39913 md: fix rcu protection in mdwakeupthreadCVE-2025-68374...

7.8CVSS7.1AI score0.00519EPSS
Exploits7References234
Rows per page
Query Builder