Lucene search
K

1666 matches found

NVD
NVD
added 2019/09/18 4:15 p.m.12 views

CVE-2019-14254

An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not well sanitized, there are multiple SQL injections in userAccFunctions.php functions. Using this, an attacker can access passwords and/or grant access to the user account "user" in order to become...

9.8CVSS9.6AI score0.01482EPSS
Exploits2References1
Cvelist
Cvelist
added 2019/09/18 3:38 p.m.22 views

CVE-2019-14254

An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not well sanitized, there are multiple SQL injections in userAccFunctions.php functions. Using this, an attacker can access passwords and/or grant access to the user account "user" in order to become...

9.7AI score0.01482EPSS
Exploits2References1
OSV
OSV
added 2019/08/14 4:15 p.m.2 views

CVE-2016-10888

The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues...

9.8CVSS5.8AI score0.01869EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/06/03 6:23 p.m.30 views

CVE-2018-5404 The Quest Kace K1000 Appliance is vulnerable to multiple Blind SQL Injections.

The Quest Kace K1000 Appliance, versions prior to 9.0.270, allows an authenticated, remote attacker with least privileges 'User Console Only' role to potentially exploit multiple Blind SQL Injection vulnerabilities to retrieve sensitive information from the database or copy the entire database. A...

7.9AI score0.03835EPSS
Exploits4References2
OSV
OSV
added 2019/05/13 9:29 p.m.3 views

CVE-2018-16137

An issue was discovered in the Web Management Console in IPBRICK OS 6.3. There are multiple SQL injections...

8.8CVSS5.8AI score0.01269EPSS
Exploits1References1
Prion
Prion
added 2019/05/13 9:29 p.m.26 views

Sql injection

An issue was discovered in the Web Management Console in IPBRICK OS 6.3. There are multiple SQL injections...

6.5CVSS8.9AI score0.01269EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/05/13 8:18 p.m.30 views

CVE-2018-16137

An issue was discovered in the Web Management Console in IPBRICK OS 6.3. There are multiple SQL injections...

9AI score0.01269EPSS
Exploits1References1
Kitploit
Kitploit
added 2019/01/10 8:35 p.m.234 views

bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records

This script will try to find: the direct IP address of a server behind a firewall like Cloudflare, Incapsula, SUCURI ... an old server which still running the same inactive and unmaintained website, not receiving active traffic because the A DNS record is not pointing towards it. Because it's an...

7.4AI score
Exploits0References1
0day.today
0day.today
added 2018/11/26 12:0 a.m.32 views

Ticketly 1.0 - kind_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Ticketly 1.0 – Multiple SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...

0.03213EPSS
Exploits8
NVD
NVD
added 2018/09/12 2:29 p.m.20 views

CVE-2018-3885

An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The orderby parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger thes...

8.8CVSS6.6AI score0.00919EPSS
Exploits1References1
Veracode
Veracode
added 2018/08/29 4:17 a.m.22 views

SQL Injection

phpMyFAQ/phpMyFAQ is vulnerable to SQL Injections. The library does not properly escape parameters in the SQL query executed by the restore function, allowing malicious users to inject and execute arbitrary SQL queries...

7.2CVSS7.5AI score0.02088EPSS
Exploits0References3Affected Software2
OpenVAS
OpenVAS
added 2018/06/29 12:0 a.m.119 views

ASUSTOR ADM <= 3.1.2.RHG1 Multiple Vulnerabilities - Active Check

ASUSTOR ADM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:asustor:adm"; if description...

9.8CVSS9.5AI score0.4476EPSS
Exploits13References2
Packet Storm
Packet Storm
added 2018/06/12 12:0 a.m.35 views

WordPress Redirection 2.7.3 Remote File Inclusion

Details ================ Software: Redirection Version: 2.7.3 Homepage: https://wordpress.org/plugins/redirection/ Advisory report: https://advisories.dxw.com/advisories/ace-file-inclusion-redirection/ CVE: Awaiting assignment CVSS: 9 High; AV:N/AC:L/Au:S/C:C/I:C/A:C Description ================...

Exploits0
NVD
NVD
added 2018/06/08 11:29 a.m.14 views

CVE-2018-12055

Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Management Script via crafted POST data in contactus.php, faq.php, about.php, photogallery.php, privacy.php, and so on...

9.8CVSS9.7AI score0.0328EPSS
Exploits5References2
Cvelist
Cvelist
added 2018/06/08 11:0 a.m.19 views

CVE-2018-12055

Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Management Script via crafted POST data in contactus.php, faq.php, about.php, photogallery.php, privacy.php, and so on...

9.8AI score0.0328EPSS
Exploits5References2
NVD
NVD
added 2018/01/25 8:29 a.m.13 views

CVE-2018-6308

Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and below via the track parameter to modules\Campaigns\Tracker.php and modules\Campaigns\utils.php, the defaultcurrencyname parameter to modules\Configurator\controller.php and modules\Currencies\Currency.php, the duplicate...

9.8CVSS9.7AI score0.01097EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2018/01/18 12:0 a.m.32 views

Debian DSA-4090-1 : wordpress - security update

Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injections and various Cross-Side Scripting XSS and Server-Side Request Forgery SSRF attacks, as well as bypass some access restrictions. C Tenable Network Security, Inc. The...

9.8CVSS7.2AI score0.08204EPSS
Exploits0References13
OpenVAS
OpenVAS
added 2018/01/16 12:0 a.m.43 views

Debian: Security Advisory (DSA-4090-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7AI score0.08204EPSS
Exploits0References4
Carbon Black Blog
Carbon Black Blog
added 2017/11/09 6:0 p.m.22 views

Excerpts from The Ransomware Economy: Projections

Carbon Black recently published an investigative report on the Dark Web marketplace for ransomware. This is the final excerpt from that report, which you can find here. For more information about the rise of ransomware, and what you can do about it, check out the Ransomware Epidemic: Stop Bad...

7.5AI score
Exploits0
Debian
Debian
added 2017/10/11 11:51 a.m.33 views

[SECURITY] [DSA 3997-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3997-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez October 10, 2017 https://www.debian.org/security/faq -...

9.8CVSS7.6AI score0.13385EPSS
Exploits5
Rows per page
Query Builder