Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

26 matches found

NVD
NVDadded 2026/02/24 1:16 a.m.4 views

CVE-2026-3051

A vulnerability has been found in DataLinkDC dinky up to 1.2.5. The affected element is the function getProjectDir of the file dinky-admin/src/main/java/org/dinky/utils/GitRepository.java of the component Project Name Handler. Such manipulation of the argument projectName leads to path traversal...

7.6CVSS0.0013EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2014-1021

Malware in sbrugna...

6.8CVSS6.1AI score0.01693EPSS
Exploits0References3
OSV
OSVadded 2024/11/12 1:15 a.m.1 views

CVE-2024-11096

A vulnerability, which was classified as critical, was found in code-projects Task Manager 1.0. This affects an unknown part of the file /newProject.php. The manipulation of the argument projectName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS5.7AI score
Exploits0References5
CNNVD
CNNVDadded 2024/11/12 12:0 a.m.3 views

Task Manager 注入漏洞

Task Manager is an open source task manager application from Code-Projects. An injection vulnerability exists in Task Manager version 1.0, which stems from an SQL injection vulnerability in the projectName parameter of the /newProject.php page...

6.5CVSS7.1AI score0.00086EPSS
Exploits1References5
Veracode
Veracodeadded 2020/05/21 7:13 a.m.25 views

OS Command Injection

kylin-server-base is vulnerable to OS Command Injection. The vulnerability exists as the values of srcCfgUri, dstCfgUri, and projectName, in CubeService.java is not properly handled...

8.8CVSS2.5AI score0.93724EPSS
Exploits2References16Affected Software1
OSV
OSVadded 2019/07/12 3:15 p.m.1 views

CVE-2019-13027

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...

9.8CVSS7.4AI score0.06308EPSS
Exploits1References1
Prion
Prionadded 2019/07/12 3:15 p.m.10 views

Sql injection

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...

7.5CVSS9.8AI score0.06308EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2019/07/12 2:3 p.m.17 views

CVE-2019-13027

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...

10AI score0.06308EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiativeadded 2018/06/08 12:0 a.m.16 views

Advantech WebAccess Node BWSCADASoap GetNodeList SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS1AI score0.00267EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2018/05/18 12:0 a.m.16 views

Advantech WebAccess Node BWSCADASoap PointListByPage SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS0.8AI score0.00267EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2018/05/18 12:0 a.m.16 views

Advantech WebAccess Node BWSCADASoap GraphList SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS0.8AI score0.00267EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2018/05/18 12:0 a.m.24 views

Advantech WebAccess Node BWSCADASoap GetUnackAlarms SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS1.1AI score0.00267EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2018/01/05 12:0 a.m.34 views

Advantech WebAccess BWSCADASoap Login Method SQL Injection Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Advantech WebAccess. The specific flaw exists within processing of the Login method of the BWSCADASoap entry point. When parsing the ProjectName and Username elements, the process does not properly...

6.8CVSS9.5AI score0.02852EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.22 views

Advantech WebAccess webvrpcs Service BwpAlarm.dll ProjectName strcpy Globals Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11173 IOCTL in the BwpAlarm subsystem. A globals overflow...

9.3CVSS4AI score0.008EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.16 views

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName strncpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C71 IOCTL in the BwOpcTool subsystem. A stack-based buff...

9.3CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.35 views

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C71 IOCTL in the BwOpcTool subsystem. A stack-based buff...

9.3CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.22 views

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C76 IOCTL in the BwOpcTool subsystem. A stack-based buff...

9.3CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.27 views

Advantech WebAccess webvrpcs Service BwpAlarm.dll ProjectName strcat Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11184 IOCTL in the BwpAlarm subsystem. A stack-based buffe...

9.3CVSS4.3AI score0.51468EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiativeadded 2016/02/05 12:0 a.m.20 views

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C79 IOCTL in the BwOpcTool subsystem. A stack-based buff...

9.3CVSS8AI score
Exploits0References1
Check Point Advisories
Check Point Advisoriesadded 2014/10/14 12:0 a.m.3 views

Advantech WebAccess SCADA ProjectName Parameter Buffer Overflow (CVE-2014-0991)

A stack buffer overflow exists in Advantech's WebAccess SCADA software. This is due to insufficient input validation of the ProjectName parameter contained in the webvact.ocx ActiveX control, a part of the WebAccess Client. A remote, unauthenticated attacker could exploit this vulnerability by...

6.8CVSS6.6AI score0.01693EPSS
Exploits0
Rows per page
Query Builder