Lucene search
K

6 matches found

NVD
NVD
added 2021/12/29 3:15 p.m.11 views

CVE-2021-36722

Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx...

10CVSS0.01348EPSS
Exploits0References1
Prion
Prion
added 2021/12/29 3:15 p.m.10 views

Sql injection

Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx...

10CVSS9.8AI score0.01348EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2021/11/03 9:34 p.m.78 views

Exploit for Forced Browsing in Engineers_Online_Portal_Project Engineers_Online_Portal

CVE-2021-42671 CVE-2021-42671 - Broken access control vulnerab...

7.5CVSS8.8AI score0.19676EPSS
Exploits3
IBM AIX
IBM AIX
added 2018/10/24 11:28 a.m.791 views

Vulnerabilities in OpenSSH affect AIX.

IBM SECURITY ADVISORY First Issued: Wed Oct 24 11:28:50 CDT 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/opensshadvisory12.asc https://aix.software.ibm.com/aix/efixes/security/opensshadvisory12.asc...

5.9CVSS0.7AI score0.98631EPSS
Exploits23
OpenVAS
OpenVAS
added 2010/12/09 12:0 a.m.19 views

Abtp Portal Project <= 0.1.0 Local and Remote File Include Vulnerabilities

Abtp Portal Project is prone to local and remote file include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

7.4AI score
Exploits0References1
NVD
NVD
added 2009/08/07 7:0 p.m.15 views

CVE-2009-2713

The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On CDSSO is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote attackers to obtain sensitive information via unspecified vectors...

4.3CVSS5.9AI score0.0171EPSS
Exploits0References5
Rows per page
Query Builder