Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-10733

Malware in sbrugna...

8.8CVSS8.6AI score0.01021EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-30097

Malware in sbrugna...

7.5CVSS7.5AI score0.01415EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:43 p.m.8 views

CVE-2020-9268

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nomcreateur= substring...

7.5CVSS8.1AI score0.01415EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:43 p.m.7 views

CVE-2020-9266

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajaxserver.php...

6.5CVSS7.2AI score0.0052EPSS
Exploits1References1
NVD
NVD
added 2020/02/22 10:15 p.m.17 views

CVE-2020-9339

SOPlanning 1.45 allows XSS via the Name or Comment to status.php...

5.4CVSS5.3AI score0.00557EPSS
Exploits1References1
NVD
NVD
added 2020/02/22 10:15 p.m.11 views

CVE-2020-9338

SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field...

5.4CVSS5.3AI score0.00531EPSS
Exploits1References1
Prion
Prion
added 2020/02/22 10:15 p.m.10 views

Cross site scripting

SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field...

3.5CVSS5.2AI score0.00531EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/02/22 9:38 p.m.15 views

CVE-2020-9338

SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field...

5.3AI score0.00531EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2020/02/22 12:0 a.m.22 views

CVE-2020-9339

SOPlanning 1.45 allows XSS via the Name or Comment to status.php. Recent assessments: horshark at March 09, 2020 8:38pm UTC reported: Recap Javascript execution. Where On the ip/www/status.php page, you can execute Javascript in the name and comment fields. Assessed Attacker Value: 2 Assessed...

5.4CVSS4.8AI score0.00557EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2020/02/22 12:0 a.m.17 views

CVE-2020-9338

SOPlanning 1.45 allows XSS via the “Your SoPlanning url” field. Recent assessments: horshark at March 09, 2020 8:34pm UTC reported: Not a lot of information provided for this CVE. However, this is a javascript code execution in Your SoPlanning Url field which you can find in Global Settings leadi...

5.4CVSS2AI score0.00531EPSS
Exploits1References2
NVD
NVD
added 2020/02/18 7:15 p.m.21 views

CVE-2020-9269

SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by exportical.php...

9CVSS7.5AI score0.02413EPSS
Exploits1References1
NVD
NVD
added 2020/02/18 7:15 p.m.12 views

CVE-2020-9268

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nomcreateur&by= substring...

7.5CVSS7.9AI score0.01415EPSS
Exploits1References1
NVD
NVD
added 2020/02/18 7:15 p.m.15 views

CVE-2020-9266

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajaxserver.php...

6.5CVSS6.7AI score0.0052EPSS
Exploits1References1
NVD
NVD
added 2020/02/18 7:15 p.m.13 views

CVE-2020-9267

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajaxserver.php...

6.5CVSS6.5AI score0.0052EPSS
Exploits1References1
Prion
Prion
added 2020/02/18 7:15 p.m.13 views

Sql injection

SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by exportical.php...

9CVSS7.4AI score0.02413EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/02/18 7:15 p.m.14 views

Cross site request forgery (csrf)

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajaxserver.php...

4.3CVSS6.5AI score0.0052EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/02/18 5:22 p.m.17 views

CVE-2020-9266

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajaxserver.php...

6.7AI score0.0052EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/02/18 5:22 p.m.23 views

CVE-2020-9269

SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by exportical.php...

7.5AI score0.02413EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2020/02/18 12:0 a.m.18 views

CVE-2020-9268

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nomcreateur&by= substring. Recent assessments: J3rryBl4nks at March 09, 2020 9:11pm UTC reported: This SQL Injection is trivial to identify and exploit: This injection will allow you to...

7.5CVSS2.4AI score0.01415EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2020/02/18 12:0 a.m.16 views

CVE-2020-9266

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajaxserver.php. Recent assessments: J3rryBl4nks at March 09, 2020 9:14pm UTC reported: Because there is no stored XSS That I could find at least you need to have interaction for th...

6.5CVSS1.2AI score0.0052EPSS
Exploits1References2
Rows per page
Query Builder