
29 matches found

Cvelist
added 2025/04/16 5:37 p.m. · 7 views

CVE-2025-27495

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateTrace' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

CVSS 9.8 · EPSS 0.00053
Exploits 0 · References 1
Positive Technologies
added 2025/02/25 12:0 a.m. · 3 views

PT-2025-7940 · Posthog · Posthog

Name of the Vulnerable Software and Affected Versions: PostHog affected versions not specified
Description: The issue concerns a SQL injection vulnerability in PostHog's ClickHouse table functions, potentially leading to remote code execution.
Recommendations: At the moment, there is no informati...

CVSS 8 · AI score 7.1 · EPSS 0.002
Exploits 0 · References 11
Positive Technologies
added 2024/10/29 12:0 a.m. · 3 views

PT-2024-7609 · Qurouter · Qurouter

Name of the Vulnerable Software and Affected Versions: QuRouter versions prior to 2.4.5.032
Description: A SQL injection vulnerability has been reported to affect QuRouter, allowing remote attackers to inject malicious code if exploited. The vulnerability is related to errors in processing input...

CVSS 10 · AI score 9.7 · EPSS 0.02155
Exploits 0 · References 25
Positive Technologies
added 2024/10/25 12:0 a.m. · 4 views

PT-2024-33155 · Unknown · Best Courier Management System

Name of the Vulnerable Software and Affected Versions: Best courier management system in php version 1.0
Description: The issue allows a remote attacker to execute arbitrary code via the email parameter of the "login request" API endpoint. This enables the attacker to inject malicious SQL code,...

CVSS 9.8 · AI score 8.3 · EPSS 0.01858
Exploits 1 · References 4
NVD
added 2024/07/05 5:15 p.m. · 10 views

CVE-2024-27709

SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute arbitrary code via the searchby parameter of the allstudents.php component and the id parameter of the requestmanager.php component...

CVSS 9.8 · EPSS 0.00989
Exploits 0 · References 1
Vulnrichment
added 2024/01/08 12:0 a.m. · 2 views

CVE-2023-50162

SQL injection vulnerability in EmpireCMS v7.5, allows remote attackers to execute arbitrary code and obtain sensitive information via the DoExecSql function...

AI score 7.4 · EPSS 0.00856
Exploits 1 · References 1
OSV
added 2022/07/23 12:0 a.m. · 4 views

GHSA-QV6H-PCF2-2W3G · Duplicate Advisory GHSA-hrgx-p36p-89q4

Duplicate Advisory: This advisory is a duplicate of GHSA-hrgx-p36p-89q4. This link is maintained to preserve external references.
Original Description: PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code, aka a "previously unknown vulnerability chain"...

CVSS 9.8 · AI score 7.9
Exploits 2 · References 3
Zero Day Initiative
added 2018/01/10 12:0 a.m. · 22 views

Trend Micro Control Manager GetScheduleSubscription SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVSS 6 · AI score 9.1 · EPSS 0.2232
Exploits 0 · References 1
Zero Day Initiative
added 2013/10/16 12:0 a.m. · 32 views

Hewlett-Packard Intelligent Management Center APM monitorId SQL Injection Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the APM module's AppDataDaoImpl class. The monitorId parameter does n...

CVSS 7.5 · AI score 2.7 · EPSS 0.00889
Exploits 0 · References 1