CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1593 matches found

NVD•added 2023/12/28 11:15 p.m.•9 views

CVE-2023-7139

A vulnerability has been found in code-projects Client Details System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/regester.php of the component HTTP POST Request Handler. The manipulation of the argument fname/lname/email/contact leads to sql...

9.8CVSS0.00107EPSS

Exploits1References3

CVE•added 2023/12/28 10:31 p.m.•50 views

CVE-2023-7139

The CVE-2023-7139 entry affects the code-projects Client Details System 1.0 . A vulnerability exists in the file /admin/regester.php of the HTTP POST Request Handler where manipulation of the arguments fname , lname , email , and contact leads to an SQL injection . The vulnerability has been disc...

9.8CVSS7.4AI score0.00107EPSS

Exploits1References3Affected Software1

OSV•added 2023/12/28 10:15 p.m.•2 views

CVE-2023-7137

A vulnerability, which was classified as critical, has been found in code-projects Client Details System 1.0. Affected by this issue is some unknown functionality of the component HTTP POST Request Handler. The manipulation of the argument uemail leads to sql injection. The exploit has been...

8.8CVSS5.7AI score0.04556EPSS

Exploits4References3

NVD•added 2023/12/28 10:15 p.m.•10 views

CVE-2023-7138

A vulnerability, which was classified as critical, was found in code-projects Client Details System 1.0. This affects an unknown part of the file /admin of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to...

8.8CVSS0.00123EPSS

Exploits1References3

NVD•added 2023/12/28 10:15 p.m.•10 views

CVE-2023-7137

8.8CVSS0.04556EPSS

Exploits4References3

Prion•added 2023/12/28 10:15 p.m.•19 views

Sql injection

5.8CVSS7.7AI score0.04556EPSS

Exploits4References3Affected Software1

Prion•added 2023/12/28 10:15 p.m.•22 views

Sql injection

5.8CVSS7.7AI score0.00123EPSS

Exploits1References3Affected Software1

CVE•added 2023/12/28 9:31 p.m.•55 views

CVE-2023-7137

CVE-2023-7137 affects code-projects Client Details System 1.0. Multiple connected documents confirm a SQL injection in the HTTP POST Request Handler via the uemail parameter (in /clientdetails/), with the vulnerable software version reported as 1.0. The issue is described as critical, with exploi...

8.8CVSS7.7AI score0.04556EPSS

Exploits4References3Affected Software1

NVD•added 2023/12/28 6:15 p.m.•10 views

CVE-2023-7133

A vulnerability was found in yproject RuoYi 4.7.8. It has been declared as problematic. This vulnerability affects unknown code of the file /login of the component HTTP POST Request Handler. The manipulation of the argument rememberMe with the input falsen3f0malert1p86o0 leads to cross site...

6.1CVSS0.00145EPSS

Exploits1References3

OSV•added 2023/12/28 6:15 p.m.•11 views

CVE-2023-7133

6.1CVSS6.4AI score

Exploits0References3

Prion•added 2023/12/28 6:15 p.m.•12 views

Cross site scripting

5CVSS6.6AI score0.00145EPSS

Exploits1References3Affected Software1

CVE•added 2023/12/28 5:31 p.m.•43 views

CVE-2023-7133

CVE-2023-7133 affects y_project RuoYi 4.7.8. The vulnerability is a cross-site scripting flaw in the HTTP POST login handler, caused by manipulating the rememberMe parameter with input like falsen3f0mp86o0. Attacker can exploit remotely; the exploit has been disclosed. Root cause centers on impro...

6.1CVSS5.2AI score0.00145EPSS

Exploits1References3Affected Software1

OSV•added 2023/12/27 4:15 p.m.•14 views

CVE-2023-7116

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...

9.8CVSS7.5AI score

Exploits0References3

NVD•added 2023/12/27 4:15 p.m.•6 views

CVE-2023-7116

9.8CVSS0.53813EPSS

Exploits1References3

Prion•added 2023/12/27 4:15 p.m.•12 views

Command injection

6.5CVSS7.8AI score0.53813EPSS

Exploits1References3Affected Software1

CVE•added 2023/12/27 3:31 p.m.•80 views

CVE-2023-7116

WeiYe-Jing datax-web 2.1.2 is affected by an OS command injection in the HTTP POST handler for /api/log/killJob, via manipulation of the processId parameter. The issue can be exploited remotely and has been disclosed publicly. Remediation recommended in connected templates is to update to a newer...

9.8CVSS8.4AI score0.53813EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/12/27 3:31 p.m.•12 views

CVE-2023-7116 WeiYe-Jing datax-web HTTP POST Request killJob os command injection

6.5CVSS10AI score0.53813EPSS

Exploits1References3

NVD•added 2023/12/25 1:15 a.m.•10 views

CVE-2023-7095

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer...

10CVSS0.09333EPSS

Exploits1References3

Prion•added 2023/12/25 1:15 a.m.•20 views

Buffer overflow

10CVSS7.4AI score0.09333EPSS

Exploits1References3Affected Software1