Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

NVD
NVDadded 2026/02/24 1:16 a.m.7 views

CVE-2026-3051

A vulnerability has been found in DataLinkDC dinky up to 1.2.5. The affected element is the function getProjectDir of the file dinky-admin/src/main/java/org/dinky/utils/GitRepository.java of the component Project Name Handler. Such manipulation of the argument projectName leads to path traversal...

7.6CVSS0.06507EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2014-1021

Malware in sbrugna...

6.8CVSS6.1AI score0.02569EPSS
Exploits0References3
OSV
OSVadded 2024/11/12 1:15 a.m.3 views

CVE-2024-11096

A vulnerability, which was classified as critical, was found in code-projects Task Manager 1.0. This affects an unknown part of the file /newProject.php. The manipulation of the argument projectName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS5.7AI score0.00458EPSS
Exploits1References5
CNNVD
CNNVDadded 2024/11/12 12:0 a.m.4 views

Task Manager 注入漏洞

Task Manager is an open source task manager application from Code-Projects. An injection vulnerability exists in Task Manager version 1.0, which stems from an SQL injection vulnerability in the projectName parameter of the /newProject.php page...

6.5CVSS7.1AI score0.00458EPSS
Exploits1References5
Veracode
Veracodeadded 2020/05/21 7:13 a.m.27 views

OS Command Injection

kylin-server-base is vulnerable to OS Command Injection. The vulnerability exists as the values of srcCfgUri, dstCfgUri, and projectName, in CubeService.java is not properly handled...

8.8CVSS2.5AI score0.9796EPSS
Exploits2References16Affected Software1
OSV
OSVadded 2019/07/12 3:15 p.m.5 views

CVE-2019-13027

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...

9.8CVSS7.4AI score0.02682EPSS
Exploits1References1
Prion
Prionadded 2019/07/12 3:15 p.m.11 views

Sql injection

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...

7.5CVSS9.8AI score0.02682EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2019/07/12 2:3 p.m.18 views

CVE-2019-13027

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...

10AI score0.02682EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiativeadded 2018/06/08 12:0 a.m.19 views

Advantech WebAccess Node BWSCADASoap GetNodeList SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS1AI score0.01659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2018/05/18 12:0 a.m.17 views

Advantech WebAccess Node BWSCADASoap GraphList SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS0.8AI score0.01659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2018/05/18 12:0 a.m.35 views

Advantech WebAccess Node BWSCADASoap PointListByPage SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS0.8AI score0.01659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2018/05/18 12:0 a.m.27 views

Advantech WebAccess Node BWSCADASoap GetUnackAlarms SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS1.1AI score0.01659EPSS
Exploits0References1
BDU FSTEC
BDU FSTECadded 2018/04/12 12:0 a.m.4 views

The vulnerability of the ChkAdminViewUsrPwd1 component in the Advantech WebAccess remote monitoring software allows a perpetrator to execute arbitrary code.

The vulnerability of the ChkAdminViewUsrPwd1 component mailPg.asp in the Advantech WebAccess remote monitoring software is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the ProjectName and...

9.8CVSS6.2AI score0.06009EPSS
Exploits4References6Affected Software1
Zero Day Initiative
Zero Day Initiativeadded 2018/01/05 12:0 a.m.36 views

Advantech WebAccess BWSCADASoap Login Method SQL Injection Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Advantech WebAccess. The specific flaw exists within processing of the Login method of the BWSCADASoap entry point. When parsing the ProjectName and Username elements, the process does not properly...

6.8CVSS9.5AI score0.06009EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.18 views

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName strncpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C71 IOCTL in the BwOpcTool subsystem. A stack-based buff...

9.3CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.22 views

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C76 IOCTL in the BwOpcTool subsystem. A stack-based buff...

9.3CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.30 views

Advantech WebAccess webvrpcs Service BwpAlarm.dll ProjectName strcat Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11184 IOCTL in the BwpAlarm subsystem. A stack-based buffe...

9.3CVSS4.3AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.31 views

Advantech WebAccess webvrpcs Service BwpAlarm.dll ProjectName strcpy Globals Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11173 IOCTL in the BwpAlarm subsystem. A globals overflow...

9.3CVSS4AI score0.0542EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.20 views

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C79 IOCTL in the BwOpcTool subsystem. A stack-based buff...

9.3CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.37 views

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C71 IOCTL in the BwOpcTool subsystem. A stack-based buff...

9.3CVSS8AI score
Exploits0References1
Rows per page
Query Builder