Lucene search
+L

50 matches found

prion
prion
added 2024/01/12 5:15 a.m.22 views

Sql injection

A vulnerability was found in Weitong Mall 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file platform-shop\src\main\resources\com\platform\dao\OrderDao.xml. The manipulation of the argument sidx/order leads to sql injection. The...

7.5CVSS8AI score0.00549EPSS
Exploits1References3Affected Software1
ptsecurity
ptsecurity
added 2023/06/12 12:0 a.m.3 views

PT-2023-23591 · Unknown · Roadflow Visual Process Engine

Name of the Vulnerable Software and Affected Versions: RoadFlow Visual Process Engine .NET Core Mvc version 2.13.3 Description: A critical issue has been found in the Login component of the affected software, specifically in the file "/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=ta...

8.8CVSS7.2AI score0.0073EPSS
Exploits1References5
wpvulndb
wpvulndb
added 2021/02/08 12:0 a.m.21 views

Newsletter by Supsystic <= 1.5.6 - Authenticated SQL Injection

The GET parameter "sidx" is used in a SQL statement without being sanitised when searching for subscribers in the dashboard, leading to an authenticated SQL Injection issue. PoC The PoC will be displayed once the issue has been remediated...

2.7AI score
Exploits0References1Affected Software1
exploitdb
exploitdb
added 2021/02/08 12:0 a.m.941 views

WordPress Plugin Supsystic Membership 1.4.7 - &#039;sidx&#039; SQL injection

Exploit Title: WordPress Plugin Supsystic Membership 1.4.7 - 'sidx' SQL injection Date: 09/08/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/membership-by-supsystic.1.4.7.zip Version: 1.4.7 Tested on: Ubuntu...

7.4AI score
Exploits0
prion
prion
added 2019/12/09 8:15 p.m.12 views

Sql injection

SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter...

6.5CVSS9AI score0.01566EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2019/12/09 7:13 p.m.15 views

CVE-2015-3424

SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter...

9.2AI score0.01566EPSS
Exploits2References1
prion
prion
added 2019/07/19 4:15 p.m.15 views

Sql injection

H3C H3Cloud OS all versions allows SQL injection via the ear/gridevent sidx parameter...

7.5CVSS9.8AI score0.01452EPSS
Exploits1References1
cvelist
cvelist
added 2019/07/19 3:52 p.m.26 views

CVE-2019-12193

H3C H3Cloud OS all versions allows SQL injection via the ear/gridevent sidx parameter...

9.9AI score0.01452EPSS
Exploits1References1
nessus
nessus
added 2015/11/30 12:0 a.m.37 views

openSUSE Security Update : ffmpeg (openSUSE-2015-821)

The ffmpeg package was updated to version 2.8.2 to fix the following security and non security issues : - CVE-2015-8216: Fixed the ljpegdecodeyuvscan function in libavcodec/mjpegdec.c which could cause a denial of service out-of-bounds array access bnc955346. - CVE-2015-8217: Fixed the...

7.5CVSS8.1AI score0.02412EPSS
Exploits0References8
cvelist
cvelist
added 2014/07/21 2:0 p.m.29 views

CVE-2014-5017

SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to execute arbitrary SQL commands via the sidx parameter in a JSON request to admin/participants/sa/getParticipantsjson, related to a search paramet...

8.3AI score0.01897EPSS
Exploits1References2
Rows per page
Query Builder