Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

GithubExploit
GithubExploitadded 2026/04/11 7:13 p.m.60 views

Exploit for SQL Injection in Devcode Openstamanager

CVE-2025-69214: OpenSTAManager has a SQL Injection in ajaxsel...

8.8CVSS6AI score0.00017EPSS
Exploits3
Cvelist
Cvelistadded 2026/04/05 8:45 p.m.12 views

CVE-2019-25678 C4G BLIS 3.4 SQL Injection via users_select.php

C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the site parameter. Attackers can send GET requests to the usersselect.php endpoint with crafted S...

8.8CVSS0.00095EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/04/05 8:45 p.m.0 views

CVE-2019-25678

C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the site parameter. Attackers can send GET requests to the usersselect.php endpoint with crafted S...

8.8CVSS6.2AI score0.00095EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/05 12:0 a.m.2 views

PT-2026-30486

C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the site parameter. Attackers can send GET requests to the users select.php endpoint with crafted...

8.8CVSS6.2AI score0.00095EPSS
Exploits1References3
OSV
OSVadded 2026/02/06 6:11 p.m.2 views

CVE-2025-69214 OpenSTAManager has a SQL Injection in ajax_select.php (componenti endpoint)

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection vulnerability exists in the ajaxselect.php endpoint when handling the componenti operation. An authenticated attacker can inject malicious SQL code through the...

8.7CVSS5.9AI score0.00017EPSS
Exploits3References3
Positive Technologies
Positive Technologiesadded 2018/09/09 12:0 a.m.2 views

PT-2018-13726 · Fuel Cms · Fuel Cms

Name of the Vulnerable Software and Affected Versions: FUEL CMS version 1.4.1 Description: The issue allows for PHP code evaluation, potentially leading to pre-authentication remote code execution. This can be achieved via the filter parameter in the "pages/select/" endpoint or the data parameter...

9.8CVSS9.6AI score0.9391EPSS
Exploits17References19
Positive Technologies
Positive Technologiesadded 2013/12/07 12:0 a.m.3 views

PT-2013-1141 · Apache · Apache Solr

Name of the Vulnerable Software and Affected Versions: Apache Solr versions prior to 4.6 Description: The issue allows remote attackers to read arbitrary files via a .. dot dot or full pathname in the tr parameter to "solr/select/", when the response writer wt parameter is set to XSLT. This can b...

6.4CVSS6.1AI score0.90931EPSS
Exploits1References25
Rows per page
Query Builder