
9 matches found

RedhatCVE
added 2025/05/22 9:7 a.m. | 3 views

CVE-2017-1002015

Vulnerability in WordPress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/adminsetting.php via selectMulGallery parameter...

CVSS 9.8 | AI score 8.2 | EPSS 0.0601
Exploits: 1 | References: 1
NVD
added 2024/04/15 3:16 a.m. | 10 views

CVE-2024-3774

aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values lacks proper restrictions on a specific parameter, allowing attackers to modify this parameter to access certain sensitive system configuration values...

CVSS 5.3 | AI score 5.2 | EPSS 0.00074
Exploits: 0 | References: 1
CNNVD
added 2023/10/17 12:0 a.m. | 1 views

EasyUse MailHunter Ultimate SQL Injection Vulnerability

EasyUse MailHunter Ultimate is an accurate email finder tool from EasyUse China. A security vulnerability exists in EasyUse MailHunter Ultimate 2023 and prior versions, which stems from the presence of a SQL injection vulnerability that allows an authenticated remote user to execute arbitrary SQL...

CVSS 8.8 | AI score 8.4 | EPSS 0.00054
Exploits: 0 | References: 2
OSV
added 2023/09/30 10:15 p.m. | 0 views

CVE-2023-43724

Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "derb6zmklgtjuhh2cn5chn2qjbm2stgmfa4.oastify.comscription1name" parameter, potentially leading to unauthorized execution of scripts within a user's web...

CVSS 5.4 | AI score 6 | EPSS 0.00105
Exploits: 1 | References: 2
NVD
added 2021/10/08 4:15 p.m. | 8 views

CVE-2021-41975

TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in...

CVSS 9.1 | EPSS 0.00883
Exploits: 0 | References: 1
Zero Day Initiative
added 2017/03/21 12:0 a.m. | 49 views

Microsoft Windows DrawIconEx Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the code in the...

CVSS 6.9 | AI score 4.4 | EPSS 0.01714
Exploits: 0 | References: 1
Prion
added 2011/10/07 10:55 a.m. | 10 views

SQL injection

SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the specific parameter...

CVSS 7.5 | AI score 9.1 | EPSS 0.00262
Exploits: 1 | References: 4 | Affected Software: 1
Prion
added 2010/12/30 9:0 p.m. | 12 views

SQL injection

Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article...

CVSS 7.5 | AI score 8.9 | EPSS 0.01606
Exploits: 7 | References: 6 | Affected Software: 1
Packet Storm
added 2010/11/12 12:0 a.m. | 20 views

ASPilot Pilot Cart 7.3 SQL Injection

Title: ASPilot Pilot Cart 7.3 SQL Injection; Date: 12.11.2010; Author: Daikin; Software Link: http://www.pilotcart.com; Version: 7.3 maybe also lower; Vendor's Description of Software and demo: http://www.pilotcart.com; Dork: Powered by Pilot Cart V.7.3; Application Info: Name: Pilot Cart version last 7...

AI score 0.1
Exploits: 0