Lucene search
K

70 matches found

osv
osv
added 2024/10/28 12:0 a.m.6 views

CVE-2024-48177

MRCMS 3.1.2 contains a SQL injection vulnerability via the RID parameter in /admin/article/delete.do...

8.8CVSS7.9AI score0.00416EPSS
Exploits1References3
cve
cve
added 2024/10/28 12:0 a.m.47 views

CVE-2024-48177

Affected product: MRCMS 3.1.2. Vulnerability: SQL injection via the RID parameter in /admin/article/delete.do. Root cause implied by description: unsafe handling of RID enabling injection. Impact (per CVSS): CVSSv3.1 base score 8.8 (HIGH) with Network attack vector, low attack complexity, privile...

8.8CVSS8.2AI score0.00416EPSS
Exploits1References1Affected Software1
osv
osv
added 2024/02/09 2:15 p.m.3 views

CVE-2024-25315

Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2...

9.8CVSS5.8AI score0.00734EPSS
Exploits1References1
prion
prion
added 2024/02/09 2:15 p.m.24 views

Sql injection

Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2...

7.5CVSS8.8AI score0.00734EPSS
Exploits1References1Affected Software1
ptsecurity
ptsecurity
added 2024/02/09 12:0 a.m.5 views

PT-2024-20884 · Code Projects · Code-Projects Hotel Managment System

Name of the Vulnerable Software and Affected Versions: Code-projects Hotel Managment System version 1.0 Description: The issue allows SQL Injection via the rid parameter in the "Hotel/admin/roombook.php" endpoint. This could potentially be exploited by manipulating the rid parameter to inject...

9.8CVSS9.6AI score0.00734EPSS
Exploits1References4
cnnvd
cnnvd
added 2024/02/09 12:0 a.m.6 views

Hotel Managment System SQL Injection Vulnerability

Hotel Managment System is an open source hotel management system from Code-projects. Hotel Managment System version 1.0 suffers from a SQL injection vulnerability that originates from allowing SQL injection via the rid parameter in Hotel/admin/roombook.php...

9.8CVSS8AI score0.00734EPSS
Exploits1References2
cvelist
cvelist
added 2024/02/09 12:0 a.m.34 views

CVE-2024-25315

Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2...

10AI score0.00734EPSS
Exploits1References1
osv
osv
added 2023/07/20 8:15 p.m.6 views

CVE-2023-31753

SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary SQL commands via the "rid=" parameter...

9.8CVSS6AI score0.01057EPSS
Exploits2References1
githubexploit
githubexploit
added 2023/07/20 1:56 p.m.7 views

Exploit for SQL Injection in Endonesia

Proof of Concept for CVE-2023-31753 Description: A SQL Injectio...

9.8CVSS8.8AI score0.01057EPSS
Exploits2
cvelist
cvelist
added 2023/07/20 12:0 a.m.23 views

CVE-2023-31753

SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary SQL commands via the "rid=" parameter...

10AI score0.01057EPSS
Exploits2References1
cnnvd
cnnvd
added 2023/07/20 12:0 a.m.5 views

eNdonesia SQL注入漏洞

endonesia eNdonesia is an all-in-one social tool from endonesia. A security vulnerability exists in eNdonesia version 8.7, which stems from an SQL injection in diskusi.php that allows an attacker to execute arbitrary SQL commands via the rid= parameter...

9.8CVSS9AI score0.01057EPSS
Exploits2References2
prion
prion
added 2023/05/11 10:15 p.m.18 views

Authorization

An improper authorization vulnerability exists in Rocket.Chat 6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room...

6.4CVSS6.3AI score0.00394EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2023/05/11 12:0 a.m.3 views

Rocket.Chat 授权问题漏洞

Rocket.Chat is an open source team chat software. A security vulnerability exists in versions prior to Rocket.Chat 6.0 that stems from improper authorization and allows an attacker to manipulate the parameter rid to change certain methods...

6.5CVSS6.4AI score0.00394EPSS
Exploits0References2
osv
osv
added 2023/05/11 12:0 a.m.18 views

CVE-2023-28325

An improper authorization vulnerability exists in Rocket.Chat 6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room...

6.5CVSS7AI score0.00394EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2023/05/11 12:0 a.m.6 views

PT-2023-21650 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 6.0 Description: An improper authorization issue exists that could allow a hacker to manipulate the rid parameter and change the updateMessage method, which only checks whether the user is allowed to edit a messa...

6.5CVSS6.2AI score0.00394EPSS
Exploits0References5
cnnvd
cnnvd
added 2022/08/16 12:0 a.m.5 views

Guest Management System SQL注入漏洞

Guest is an application product.Guest Management System is a web-based system designed to monitor the records of everyone who enters a school or college. An SQL injection vulnerability exists in SourceCodester Guest Management System. An attacker exploits the vulnerability to manipulate the...

9.8CVSS8.5AI score0.0073EPSS
Exploits1References3
osv
osv
added 2022/01/24 7:15 p.m.3 views

CVE-2021-41928

SQL injection in Sourcecodester Try My Recipe Recipe Sharing Website - CMS 1.0 by oretnom23, allows attackers to execute arbitrary code via the rid parameter to the viewrecipe page...

9.8CVSS7.6AI score0.01881EPSS
Exploits1References1
nvd
nvd
added 2022/01/24 7:15 p.m.19 views

CVE-2021-41928

SQL injection in Sourcecodester Try My Recipe Recipe Sharing Website - CMS 1.0 by oretnom23, allows attackers to execute arbitrary code via the rid parameter to the viewrecipe page...

9.8CVSS0.01881EPSS
Exploits1References1
osv
osv
added 2020/09/30 6:15 p.m.6 views

CVE-2020-25760

Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database...

8.8CVSS7.4AI score0.02169EPSS
Exploits4References5
ptsecurity
ptsecurity
added 2020/09/29 12:0 a.m.7 views

PT-2020-16186

Name of the Vulnerable Software and Affected Versions Projectworlds Visitor Management System version 1.0 Description The issue allows for SQL Injection due to a lack of input validation on the rid parameter in the front.php file. This enables an attacker to append SQL queries to the input,...

8.8CVSS7.3AI score0.02169EPSS
Exploits4References8
Rows per page
Query Builder