Lucene search
+L

472 matches found

cnvd
cnvd
added 2021/09/22 12:0 a.m.10 views

SQL Injection Vulnerability in Water Resources Engineering Management System of Siltronic Ltd.

SCT is an information service provider in China, dedicated to the cause of disaster mitigation and benefit reduction, and provides the government with comprehensive solutions for disaster mitigation and benefit reduction informatization. A SQL injection vulnerability exists in the water project...

7.6AI score
Exploits0
cnvd
cnvd
added 2021/09/12 12:0 a.m.10 views

SQL injection vulnerability exists in the website building system of Four Creation Technology Co.

SCT is a Chinese information service provider dedicated to disaster reduction and development, providing the government with comprehensive solutions for disaster reduction and development information. There is a SQL injection vulnerability in the website building system of Four Creation Technolog...

1.2AI score
Exploits0
cnvd
cnvd
added 2021/09/05 12:0 a.m.20 views

SQL Injection Vulnerability in Panmicro e-cology (CNVD-2021-73908)

Panmicro Collaborative Management Application Platform e-cology is a collaborative business platform with enterprise information portal, knowledge management, data center, workflow management, human resource management, customer and partner management, project management, financial management and...

7.5AI score
Exploits0
prion
prion
added 2021/08/24 8:15 p.m.15 views

Sql injection

EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcmsweb/Search.php component via the attrarray parameter. This vulnerability allows attackers to access sensitive database information...

5CVSS7.6AI score0.01306EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/24 12:0 a.m.14 views

SQL Injection Vulnerability in Gridview of Dawning Information Industry Co.

Gridview is the all-in-one comprehensive management system for high-performance computing platforms. A SQL injection vulnerability exists in Gridview of Dawning Information Industry Company Limited, which can be exploited by attackers to obtain sensitive information from the database...

7.5AI score
Exploits0
nvd
nvd
added 2021/08/18 6:15 p.m.15 views

CVE-2020-22122

A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...

7.5CVSS0.01254EPSS
Exploits1References1
prion
prion
added 2021/08/18 6:15 p.m.16 views

Sql injection

A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...

5CVSS7.6AI score0.01254EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/08/18 5:54 p.m.19 views

CVE-2020-22122

A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...

7.6AI score0.01254EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/16 12:0 a.m.39 views

Nagios XI SQL Injection Vulnerability

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting, and rich data visualization.A SQL injection vulnerability exists in the Bulk Modification Tool in versions of Nagios XI prior to 5.8.5. The vulnerability stems fr...

9.8CVSS2.1AI score0.7925EPSS
Exploits0References1
nvd
nvd
added 2021/08/12 3:15 p.m.18 views

CVE-2020-20981

A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows attackers to access sensitive database information...

7.5CVSS0.0135EPSS
Exploits1References1
cvelist
cvelist
added 2021/08/12 2:49 p.m.21 views

CVE-2020-20981

A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows attackers to access sensitive database information...

7.9AI score0.0135EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/10 12:0 a.m.14 views

SQL Injection Vulnerability in Smart Meter Integrated Management System of Xintian Technology Co.

Xintian Technology Co., Ltd. is a professional manufacturer and supplier of water meters, energy meters and gas meters. A SQL injection vulnerability exists in the Smart Meter Integrated Management System of Xintian Technology Corporation, which can be exploited by attackers to obtain sensitive...

7.5AI score
Exploits0
cnvd
cnvd
added 2021/08/10 12:0 a.m.21 views

rConfig SQL Injection Vulnerability (CNVD-2021-61756)

rConfig is an open source network device configuration management utility. rConfig version 3.9.5 is vulnerable to a SQL injection vulnerability that stems from an unvalidated dbName parameter in ajaxDbInstall.php, which can be exploited by attackers to access sensitive database information...

7.5CVSS3.5AI score0.01353EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/10 12:0 a.m.12 views

rConfig SQL Injection Vulnerability (CNVD-2021-61757)

rConfig is an open source network device configuration management utility. rConfig version 3.9.5 contains a SQL injection vulnerability in config.inc.php, which can be exploited by sending a specially crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php to access sensitive database...

7.5CVSS3AI score0.01558EPSS
Exploits1References1
cvelist
cvelist
added 2021/08/09 10:54 p.m.26 views

CVE-2020-23150

A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php...

8.1AI score0.01558EPSS
Exploits1References1
cvelist
cvelist
added 2021/08/09 10:54 p.m.20 views

CVE-2020-23149

The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information...

8.4AI score0.01353EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/09 12:0 a.m.18 views

Jeecg-boot CMS SQL Injection Vulnerability

Jeecg-Boot is a code generator-based intelligent development platform. jeecg-boot CMS version 2.3 of /jeecg boot/sys/dict/loadtreedata is vulnerable to SQL injection, which can be exploited by attackers to access sensitive database information...

7.5CVSS4AI score0.01554EPSS
Exploits1References1
osv
osv
added 2021/08/06 11:15 p.m.14 views

CVE-2020-28087

A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of jeecg-boot CMS 2.3 allows attackers to access sensitive database information...

7.5CVSS7.7AI score
Exploits0References1
cvelist
cvelist
added 2021/08/06 10:38 p.m.23 views

CVE-2020-28087

A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of jeecg-boot CMS 2.3 allows attackers to access sensitive database information...

7.8AI score0.01554EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/05 12:0 a.m.46 views

WordPress Secure Copy Content Protection Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.Secure Copy Content Protection plugin is an application plugin for WordPress. A SQL injection vulnerability exists in...

7.2CVSS7AI score0.01344EPSS
Exploits2References1
Rows per page
Query Builder