9 matches found

Cvelist
added 2024/10/15 12:0 a.m. | 14 views

CVE-2024-35584

SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...

EPSS: 0.85174
Exploits: 2 | References: 3
Vulnrichment
added 2024/10/15 12:0 a.m. | 9 views

CVE-2024-35584

SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...

AI score: 8.7 | EPSS: 0.85174
Exploits: 2 | References: 3
Snyk
added 2024/07/03 12:59 a.m. | 1 views

SQL Injection

Overview NHibernate is a mature, open source object-relational mapper for the .NET framework. It is actively developed, fully featured and used in thousands of successful projects. Affected versions of this package are vulnerable to SQL Injection when passing unescaped user input to...

CVSS: 9.8 | AI score: 7.9 | EPSS: 0.00548
Exploits: 0 | References: 2
Tenable Nessus
added 2023/01/30 12:0 a.m. | 21 views

EulerOS Virtualization 3.0.2.2 : cyrus-sasl (EulerOS-SA-2023-1250)

According to the versions of the cyrus-sasl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE...

CVSS: 8.8 | AI score: 7.5 | EPSS: 0.00431
Exploits: 0 | References: 2
Oracle linux
added 2022/03/21 12:0 a.m. | 40 views

cyrus-sasl security update

2.1.23-15.0.1.2 - Escape password for SQL insert/update commands CVE-2022-24407 Orabug: 33936121...

CVSS: 8.8 | AI score: 1.4 | EPSS: 0.00431
Exploits: 0
OSV
added 2022/02/24 3:15 p.m. | 1 views

ALPINE-CVE-2022-24407

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement...

CVSS: 8.8 | AI score: 7.7 | EPSS: 0.00431
Exploits: 0 | References: 1
Tenable Nessus
added 2022/02/24 12:0 a.m. | 325 views

Slackware Linux 14.2 / 15.0 / current cyrus-sasl Multiple Vulnerabilities (SSA:2022-055-01)

The version of cyrus-sasl installed on the remote host is prior to 2.1.28. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-055-01 advisory. - cyrus-sasl aka Cyrus SASL 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in...

CVSS: 8.8 | AI score: 7.7 | EPSS: 0.00481
Exploits: 1 | References: 2
OSV
added 2022/02/22 6:0 p.m. | 1 views

UBUNTU-CVE-2022-24407

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.00431
Exploits: 0 | References: 4
CVE
added 2020/12/31 4:26 a.m. | 99 views

CVE-2019-7726

CVE-2019-7726 affects NukeViet prior to 4.3.04. The affected code path is in modules/banners/funcs/click.php, where a SQL INSERT statement incorporates raw header data from HTTP requests (e.g., Referer and User-Agent). The underlying issue is SQL injection risk due to unsanitized header input bei...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.00743
Exploits: 0 | References: 4 | Affected Software: 1