Lucene search
+L

29 matches found

CNNVD
CNNVD
added 2022/05/20 12:0 a.m.5 views

School Dormitory Management System SQL注入漏洞

School Dormitory Management System is a school dormitory management system. SQL injection vulnerability exists in School Dormitory Management System v1.0, which originates from /dms/admin/reports/dailycollection The report.php parameter lacks validation for external input SQL statements. An...

9.8CVSS6.1AI score0.02019EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2020/01/15 6:15 p.m.4 views

CVE-2015-5071

AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the report parameter of the BIRT viewer servlet...

6.5CVSS5.8AI score0.01776EPSS
Exploits0References3
OSV
OSV
added 2018/10/24 10:29 p.m.7 views

CVE-2018-18551

ServersCheck Monitoring Software through 14.3.3 has Persistent and Reflected XSS via the sensors.html status parameter, sensors.html type parameter, sensors.html device parameter, report.html location parameter, groupdelete.html group parameter, reportsave.html query parameter, sensors.html...

6.1CVSS5.8AI score0.01058EPSS
Exploits3References2
Prion
Prion
added 2014/05/26 4:55 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in openreport.jsp in IBM Maximo Asset Management 7.x before 7.1.1.12 IFIX.20140321-1336 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request...

3.5CVSS5.5AI score0.00936EPSS
Exploits0References3Affected Software6
Cvelist
Cvelist
added 2014/05/26 4:0 p.m.31 views

CVE-2014-0825

Cross-site scripting XSS vulnerability in openreport.jsp in IBM Maximo Asset Management 7.x before 7.1.1.12 IFIX.20140321-1336 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request...

5.2AI score0.00936EPSS
Exploits0References3
NVD
NVD
added 2011/12/14 12:55 a.m.24 views

CVE-2011-4810

Multiple directory traversal vulnerabilities in WHMCompleteSolution WHMCS 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to 1 submitticket.php and 2 downloads.php, and 3 the report parameter to admin/reports.php...

5CVSS6.9AI score0.07025EPSS
Exploits2References1
Prion
Prion
added 2011/12/14 12:55 a.m.14 views

Directory traversal

Multiple directory traversal vulnerabilities in WHMCompleteSolution WHMCS 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to 1 submitticket.php and 2 downloads.php, and 3 the report parameter to admin/reports.php...

5CVSS7.4AI score0.07025EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2010/05/25 6:30 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in jsp/audit/reports/ExportReport.jsp in ManageEngine ADAudit Plus 4.0.0 build 4043 allows remote attackers to inject arbitrary web script or HTML via the reportList parameter. NOTE: the provenance of this information is unknown; the details are obtained...

4.3CVSS6AI score0.02723EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2000/05/10 12:0 a.m.5 views

PT-2000-1353 · Matt Wright · Matt Wright'S Formmail Cgi Script

Name of the Vulnerable Software and Affected Versions: Matt Wright's FormMail CGI script affected versions not specified Description: The issue allows remote attackers to obtain environmental variables via the env report parameter. This could potentially expose sensitive information about the...

5CVSS6.2AI score0.0736EPSS
Exploits0References6
Rows per page
Query Builder