CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-49785

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00451EPSS

Exploits0References1

NVD•added 2024/10/10 11:15 a.m.•9 views

CVE-2024-9201

The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection through the use of the ‘idorder’ parameter of the ‘/modules/seur/ajax/saveCodFee.php’ endpoint...

9.8CVSS0.00451EPSS

Exploits0References1

OSV•added 2024/10/10 11:15 a.m.•3 views

CVE-2024-9201

The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection through the use of the ‘idorder’ parameter of the ‘/modules/seur/ajax/saveCodFee.php’ endpoint...

9.8CVSS5.8AI score

Exploits0References1

CVE•added 2024/10/10 10:25 a.m.•39 views

CVE-2024-9201

The SEUR Oficial plugin is affected by a time-based SQL injection in versions before 2.5.11, exploitable via the id_order parameter at /modules/seur/ajax/saveCodFee.php. Patch to 2.5.11+ (or later) to fix; the vulnerability is documented with high-severity CVSS metrics and patch status indicating...

9.8CVSS9.7AI score0.00451EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/10/10 10:25 a.m.•5 views

CVE-2024-9201 SQL injection vulnerability in SEUR plugin

The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection through the use of the ‘idorder’ parameter of the ‘/modules/seur/ajax/saveCodFee.php’ endpoint...

9.4CVSS9.7AI score0.00451EPSS

Exploits0References1

Cvelist•added 2024/10/10 10:25 a.m.•14 views

CVE-2024-9201 SQL injection vulnerability in SEUR plugin

The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection through the use of the ‘idorder’ parameter of the ‘/modules/seur/ajax/saveCodFee.php’ endpoint...

9.4CVSS0.00451EPSS

Exploits0References1

CNNVD•added 2024/10/10 12:0 a.m.•1 views

SEUR plugin SQL注入漏洞

SEUR plugin is a Prestahop plugin from SEUR. A SQL injection vulnerability exists in SEUR plugin versions prior to 2.5.11, which stems from a time-based SQL injection attack via the idorder parameter...

9.8CVSS7.8AI score0.00451EPSS

Exploits0References2

Positive Technologies•added 2024/10/10 12:0 a.m.•2 views

PT-2024-39484 · Unknown · Seur Plugin

Name of the Vulnerable Software and Affected Versions: SEUR plugin versions prior to 2.5.11 Description: The SEUR plugin is vulnerable to time-based SQL injection through the use of the id order parameter of the "/modules/seur/ajax/saveCodFee.php" endpoint. This issue affects versions prior to...

9.8CVSS7.8AI score0.00451EPSS

Exploits0References9

OSV•added 2022/02/07 4:15 p.m.•0 views

CVE-2021-25004

The SEUR Oficial WordPress plugin before 1.7.2 creates a PHP file with a random name when installed, even though it is used for support purposes, it allows to download any file from the web server without restriction after knowing the URL and a password than an administrator can see in the plugin...

4.9CVSS5.8AI score

Exploits0References1

Prion•added 2022/02/07 4:15 p.m.•7 views

Code injection

4CVSS5.2AI score0.00639EPSS

Exploits2References1Affected Software1

WPVulnDB•added 2021/12/20 12:0 a.m.•18 views

SEUR Oficial < 1.7.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in one of the plugin's settings: " Affected files:...

4.8CVSS2.7AI score0.00206EPSS

Exploits2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by