
70 matches found

Vulnrichment
added 2023/10/02 12:0 a.m., 10 views

CVE-2023-41580

phpIPAM before v1.5.2 was discovered to contain an LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request...

AI score 7.5, EPSS 0.0056
Exploits: 1, References: 2

NVD
added 2023/07/24 12:15 a.m., 8 views

CVE-2023-3855

A vulnerability classified as problematic was found in phpscriptpoint JobSeeker 1.5. Affected by this vulnerability is an unknown functionality of the file /search-result.php. The manipulation of the argument kw/lc/ct/cp/p leads to cross site scripting. The attack can be launched remotely. The...

CVSS 6.1, AI score 4.5, EPSS 0.00075
Exploits: 0, References: 2

Cvelist
added 2023/07/23 11:31 p.m., 10 views

CVE-2023-3855 phpscriptpoint JobSeeker search-result.php cross site scripting

A vulnerability classified as problematic was found in phpscriptpoint JobSeeker 1.5. Affected by this vulnerability is an unknown functionality of the file /search-result.php. The manipulation of the argument kw/lc/ct/cp/p leads to cross site scripting. The attack can be launched remotely. The...

CVSS 4, AI score 6.2, EPSS 0.00075
Exploits: 0, References: 2

Cvelist
added 2022/05/23 3:38 p.m., 19 views

CVE-2022-29004

Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php...

AI score 6.2, EPSS 0.39704
Exploits: 1, References: 3

CVE
added 2022/05/23 3:38 p.m., 96 views

CVE-2022-29004

Diary Management System v1.0 is affected by a Cross-Site Scripting (XSS) vulnerability exploitable via the Name parameter in search-result.php. The Nuclei template (CVE-2022-29004) confirms the issue and describes impact as injection of malicious scripts leading to user-facing script execution, s...

CVSS 6.1, AI score 6, EPSS 0.39704
Exploits: 1, References: 3, Affected Software: 1

OSV
added 2021/08/30 8:15 p.m., 0 views

CVE-2021-35062

A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allows an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server...

CVSS 8.1, AI score 5.9, EPSS 0.0031
Exploits: 1, References: 1

Prion
added 2021/08/30 8:15 p.m., 12 views

Design/Logic Flaw

A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allows an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server...

CVSS 9.3, AI score 8.3, EPSS 0.0031
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2021/08/30 7:2 p.m., 17 views

CVE-2021-35062

A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allows an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server...

AI score 8.6, EPSS 0.0031
Exploits: 1, References: 1

CVE
added 2021/08/30 7:2 p.m., 36 views

CVE-2021-35062

The CVE-2021-35062 entry describes a Shell Metacharacter Injection in the file result.php of the DRK Odenwaldkreis Testerfassung March-2021. The flaw allows an attacker who has a valid COVID-19 test result token to trigger shell commands with the web server’s privileges, indicating a remote comm...

CVSS 9.3, AI score 8.3, EPSS 0.0031
Exploits: 1, References: 1, Affected Software: 1

Packet Storm
added 2021/03/03 12:0 a.m., 208 views

Doctor Appointment System 1.0 Blind SQL Injection

Exploit Title: Doctor Appointment System 1.0 Blind SQL injection in email parameter Date: 03-03-2021 CVE: CVE-2021-27319 Exploit Author: Nakul Ratti Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...

AI score 0.1, EPSS 0.32844
Exploits: 4

Prion
added 2019/09/22 3:15 p.m., 17 views

SQL injection

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used...

CVSS 7.5, AI score 9.8, EPSS 0.00761
Exploits: 1, References: 1, Affected Software: 1

Openbugbounty
added 2018/08/18 10:12 p.m., 10 views

hec-taiwan.com XSS vulnerability

Open Bug Bounty ID: OBB-666302

Description | Value
---|---
Affected Website: | hec-taiwan.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0

Openbugbounty
added 2018/04/05 10:42 a.m., 12 views

solidariteitdiversiteit.be XSS vulnerability

Open Bug Bounty ID: OBB-597548

Description | Value
---|---
Affected Website: | solidariteitdiversiteit.be
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

AI score 6.3
Exploits: 0

Openbugbounty
added 2018/03/31 12:42 p.m., 7 views

hec-taiwan.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-594741

Description | Value
---|---
Affected Website: | hec-taiwan.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | Iframe Injection / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0

NVD
added 2017/12/13 9:29 a.m., 9 views

CVE-2017-17570

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php florig or fldest parameter...

CVSS 9.8, AI score 10, EPSS 0.02377
Exploits: 1, References: 2

NVD
added 2017/12/13 9:29 a.m., 8 views

CVE-2017-17584

FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php florig or fldest parameter...

CVSS 9.8, AI score 10, EPSS 0.02377
Exploits: 1, References: 2

Prion
added 2017/12/13 9:29 a.m., 12 views

SQL injection

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php florig or fldest parameter...

CVSS 7.5, AI score 9.9, EPSS 0.02377
Exploits: 1, References: 2, Affected Software: 1

CVE
added 2017/12/13 9:0 a.m., 46 views

CVE-2017-17570

FS Expedia Clone 1.0 is affected by a SQL injection vulnerability in input parameters to pages.php (id), content.php (id) and show-flight-result.php (fl_orig, fl_dest). The issue stems from unsanitized user input in SQL queries, enabling remote attackers to inject commands. Public reports (Exploi...

CVSS 9.8, AI score 9.9, EPSS 0.02377
Exploits: 1, References: 2, Affected Software: 1

Cvelist
added 2017/12/13 9:0 a.m., 12 views

CVE-2017-17584

FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php florig or fldest parameter...

AI score 10, EPSS 0.02377
Exploits: 1, References: 2

Cvelist
added 2017/12/13 9:0 a.m., 15 views

CVE-2017-17570

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php florig or fldest parameter...

AI score 10, EPSS 0.02377
Exploits: 1, References: 2