CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

NVD•added 2024/07/19 10:15 a.m.•17 views

CVE-2024-6907

A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file sort.php. The manipulation of the argument sort leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

5.4CVSS0.00169EPSS

Exploits1References4

CVE•added 2024/07/19 10:0 a.m.•46 views

CVE-2024-6907

CVE-2024-6907 affects SourceCodester Record Management System 1.0, specifically the sort.php file where manipulation of the sort argument enables cross-site scripting (XSS). The vulnerability can be triggered remotely and has been disclosed publicly. Connected sources provide concrete details: vu...

5.4CVSS3.8AI score0.00169EPSS

Exploits1References4Affected Software1

CNVD•added 2022/04/15 12:0 a.m.•17 views

Atom.CMS SQL Injection Vulnerability (CNVD-2022-30773)

CMS is a content management system from The Digital Craft individual developers in the U.S. A SQL injection vulnerability exists in Atom.CMS version 2.0, which stems from a lack of validation of external input SQL statements in Atom.CMSadminajaxlist-sort.php, which could be exploited by attackers...

9.8CVSS6.3AI score0.00508EPSS

Exploits1References1

NVD•added 2022/04/12 4:15 p.m.•13 views

CVE-2022-28034

AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMSadminajaxlist-sort.php...

9.8CVSS0.00508EPSS

Exploits1References1

Prion•added 2022/04/12 4:15 p.m.•8 views

Sql injection

AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMSadminajaxlist-sort.php...

7.5CVSS9.8AI score0.00508EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/04/12 3:17 p.m.•11 views

CVE-2022-28034

AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMSadminajaxlist-sort.php...

10AI score0.00508EPSS

Exploits1References1

Zero Day Initiative•added 2020/08/19 12:0 a.m.•27 views

(0Day) Horde Groupware Webmail Edition Sort sortpref Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within Sort.php. When parsing the sortpref parameter, the process does not properly...

6.3CVSS4.9AI score

Exploits0

seebug.org•added 2016/04/26 12:0 a.m.•12 views

phpwind <v6 sort.php 命令执行漏洞

No description provided by source...

7.1AI score

Exploits0

Prion•added 2011/09/24 12:55 a.m.•6 views

Information disclosure

PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files...

5CVSS6.7AI score0.00283EPSS

Exploits0References3Affected Software1

myhack58•added 2010/03/24 12:0 a.m.•12 views

PHPWind 6.0 multiple cross-site scripting vulnerability-vulnerability warning-the black bar safety net

PHPWind is a domestic of the more popular PHP-based Web forum application. PHPWind 在访客注销时没有正确的过滤提交给 hack.php and search.php and read.php and post.php and thread.php and profile.php and sort.php and message.php and userpay. php, etc. page of request parameters, a remote attacker can submi...

Exploits0

Packet Storm•added 2010/03/20 12:0 a.m.•24 views

PHPWind 6.0 Cross Site Scripting

I found the PHPWind v6.0 just filter the xss code when the visitors login in, but it doesnt do it when login off. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This flaw makes its all the parameters...

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by