Lucene search
K

157 matches found

OSV
OSV
added 2024/09/06 12:0 a.m.8 views

CVE-2024-44838

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the username parameter at /resource/runlogin.php...

9.8CVSS8.2AI score0.00503EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/09/06 12:0 a.m.16 views

CVE-2024-45771

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the password parameter at /resource/runlogin.php...

8.5AI score0.00492EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/06 12:0 a.m.16 views

CVE-2024-44839

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php...

8.3AI score0.00492EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/06 12:0 a.m.15 views

CVE-2024-44838

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the username parameter at /resource/runlogin.php...

8.3AI score0.00503EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/09/06 12:0 a.m.23 views

CVE-2024-44839

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php...

0.00492EPSS
Exploits1References1
CVE
CVE
added 2024/09/06 12:0 a.m.55 views

CVE-2024-44838

RapidCMS v1.3.1 contains a SQL injection vulnerability in the login path via the username parameter to /resource/runlogin.php. Impacted with high confidentiality, integrity, and availability (per CVSS 3.1: 9.8). No remediation or exploit details are provided in the supplied documents.

9.8CVSS7.9AI score0.00503EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/09/06 12:0 a.m.55 views

CVE-2024-44839

RapidCMS v1.3.1 contains a SQL injection flaw via the articleid parameter in /default/article.php. The vulnerability impacts confidentiality, integrity, and availability (CVSS 3.1 base score 9.8). No patch/version fix is specified in the provided documents; a PT-2024-31274 note cites no informati...

9.8CVSS7.9AI score0.00492EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/09/06 12:0 a.m.56 views

CVE-2024-45771

RapidCMS v1.3.1 contains a SQL injection via the password parameter at /resource/runlogin.php. Root cause appears to be unsanitized input in the login endpoint, enabling high-impact attacks (CVSS 3.1 base score 9.8, CRITICAL). Public exploit details are not provided in the documents. Some sources...

9.8CVSS8.1AI score0.00492EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/08/30 1:15 p.m.13 views

CVE-2024-8335

A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

9.8CVSS0.0059EPSS
Exploits1References4
OSV
OSV
added 2024/08/30 12:31 p.m.8 views

CVE-2024-8335 OpenRapid RapidCMS runlogon.php sql injection

A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

5.3CVSS5.8AI score0.0059EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/08/30 12:31 p.m.18 views

CVE-2024-8335 OpenRapid RapidCMS runlogon.php sql injection

A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

6.5CVSS7.7AI score0.0059EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/08/30 12:31 p.m.21 views

CVE-2024-8335 OpenRapid RapidCMS runlogon.php sql injection

A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

6.5CVSS0.0059EPSS
Exploits1References4
CVE
CVE
added 2024/08/30 12:31 p.m.47 views

CVE-2024-8335

CVE-2024-8335 affects OpenRapid RapidCMS up to 1.3.1. A SQL injection flaw exists in an unknown function of /resource/runlogon.php triggered by manipulating the username parameter, with remote exploitation reported. Public exploit/disclosures are present. A workaround mentioned in PT-Security gui...

9.8CVSS7.4AI score0.0059EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/08/30 11:15 a.m.12 views

CVE-2024-8331

A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit ha...

9.8CVSS0.0058EPSS
Exploits1References4
OSV
OSV
added 2024/08/30 11:0 a.m.12 views

CVE-2024-8331 OpenRapid RapidCMS user-move-run.php sql injection

A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit ha...

5.3CVSS6.5AI score0.0058EPSS
Exploits1References6
Cvelist
Cvelist
added 2024/08/30 11:0 a.m.27 views

CVE-2024-8331 OpenRapid RapidCMS user-move-run.php sql injection

A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit ha...

6.5CVSS0.0058EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/08/30 11:0 a.m.26 views

CVE-2024-8331 OpenRapid RapidCMS user-move-run.php sql injection

A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit ha...

6.5CVSS7.3AI score0.0058EPSS
Exploits1References4
CVE
CVE
added 2024/08/30 11:0 a.m.49 views

CVE-2024-8331

OpenRapid RapidCMS up to v1.3.1 is affected by a SQL injection in /admin/user/user-move-run.php via the username parameter. The issue allows remote exploitation and has public PoCs/exploit details. The exact root cause is the SQL injection in the username argument, impacting confidentiality, inte...

9.8CVSS7.3AI score0.0058EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/08/30 12:0 a.m.5 views

OpenRapid RapidCMS SQL注入漏洞

OpenRapid RapidCMS is OpenRapid open source a fast and easy to use CMS system. A SQL injection vulnerability exists in OpenRapid RapidCMS version 1.3.1 and earlier versions, which originates from a SQL injection vulnerability in the username parameter of the /admin/user/user-move-run.php file...

9.8CVSS6.9AI score0.0058EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/08/30 12:0 a.m.5 views

PT-2024-38946 · Openrapid · Openrapid Rapidcms

Name of the Vulnerable Software and Affected Versions: OpenRapid RapidCMS versions up to 1.3.1 Description: A critical issue was found in OpenRapid RapidCMS, affecting the file /admin/user/user-move-run.php. The manipulation of the username argument leads to SQL injection. It is possible to...

9.8CVSS7.2AI score0.0058EPSS
Exploits1References12
Rows per page
Query Builder