Lucene search
+L

291 matches found

NVD
NVD
added 2015/05/14 2:59 p.m.23 views

CVE-2015-3427

Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ backslash in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422...

7.5CVSS7.3AI score0.02003EPSS
Exploits0References3
seebug.org
seebug.org
added 2015/04/01 12:0 a.m.48 views

DamiCMS 2.2 /Web/Lib/Action/ApiAction.class.php SQL注入漏洞

/Web/Lib/Action/ApiAction.class.php$field =!empty$REQUEST'field'?injectcheck$REQUEST'field':''; $m=new Model$model,"",false; //如果使用了分页,缓存也不生效 if$page import"@.ORG.Page"; //这里改成你的Page类 $count=$m-where$where-count; $totalpage = ceil$count / $pagesize; $p = new Page$count,$pagesize; //如果使用了分页,num将不起...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/03/30 12:0 a.m.14 views

mcms 3.1.0 /app/cms/list.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/01/28 12:0 a.m.25 views

phpMyRecipes 1.2.2 /dosearch.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/12/30 12:0 a.m.17 views

PHPok 4.2.024 /framework/engine/session_file.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/12/24 12:0 a.m.14 views

DamiCMS 2.2 /Web/Lib/Action/MemberAction.class.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/09/04 12:0 a.m.35 views

74CMS最新版绕过继续任意文件读取(通用性分析)到任意文件删除

简要描述: 74CMS最新版绕过继续任意文件读取通用性分析到任意文件删除 详细说明: 0x000 简介 写这个漏洞的时候很纠结,不知道到底要提交给谁,74cms,cncert,腾讯? 最后还是交给74cms吧,因为74cms的厂商看了还是挺负责的,交给cncert又不知道能不能让厂商知道并修复,交给腾讯肯定又是忽略的节奏! 这里主要那74cms的漏洞和phpyun之前的漏洞分析,然后找出共同的问题点,然后找到来源,都是因为开发者的安全意识薄弱,还有腾讯的带头大哥榜样惹的祸,暂且这么说吧! 作为厂商只是那现成的来用,太依赖第三方的东西,完全没有自己考虑到问题的产生。...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2014/08/04 12:0 a.m.18 views

Ecmall 2.3.0 /member.app.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
WPVulnDB
WPVulnDB
added 2014/08/01 12:0 a.m.27 views

WordPress 2.1.2 - Authenticated XMLRPC SQL Injection

...

6.5CVSS2.7AI score0.07167EPSS
Exploits1References3Affected Software1
seebug.org
seebug.org
added 2014/07/21 12:0 a.m.12 views

Startbbs 1.1.5.2 /themes/default/search.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

asp autodealer (sql/dd) Multiple Vulnerabilities

No description provided by source. -----------------------------OffensiveTrack------------------------------ ---------------------------- Tunisia Muslim ------------------------------ found by : OffensiveTrack Author : AlpHaNiX website : www.offensivetrack.org contact : AlpHaATHACKERDOTBZ script ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

PHPBB 1.x/2.0.x Knowledge Base Module KB.PHP SQL Injection Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.287 views

Online Contact Manager 3.0 view.php id Parameter XSS

存在漏洞版本: =3.0 漏洞描述: Online Contact Manager 3.0 是一个web上的联系人管理系统应用。其存在由于用户的非正常输入导致的危险. 远程的用户可以注入 SQL 命令, 同时也能够执行跨站脚本攻击. 远程的用户也可以植入 html 来挂马 'view.php' 脚本没有正确的验证用户对于 ‘id’ 变量的输入。一个远程的用户可以创建一个特殊构造的 URL, 当目标用户加载此页面的时候, 将会造成目标用户的浏览器上的任意代码的执行.这个代码将会在 Online Contact Manager 中执行,会在整个网站的安全背景下运行。因此,...

7.6AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

phpscripte24 Preisschlacht Liveshop System SQL Injection (seite&aid) index.php

No description provided by source. ----------------------------Information------------------------------------------------ +Name : phpscripte24 Preisschlacht Liveshop System SQL Injection seite&aid index.php +Autor : Easy Laster +Date : 19.03.2010 +Script : phpscripte24 Preisschlacht Liveshop...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

MyBB 1.0.2/1.0.3 Managegroup.PHP SQL Injection Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Built2Go PHP Shopping SQL Injection Vulnerability

No description provided by source. Script Name: Built2Go PHP Shopping version = 1.7 Site: http://built2go.com/ Script Demo: http://demos.built2go.com/shopping/1/ Found: Br0ly Google Dork: Powered by Built2Go PHP Shopping p0c:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.45 views

deV!L`z Clanportal 1.5.5 Moviebase Addon Blind SQL Injection Vulnerability

No description provided by source. ======================================================================================== | Title : deV!Lz Clanportal 1.5.5 Moviebase Addon Blind SQL Injection Vulnerability | Author : Easy Laster | Download : http://www.modsbar.de/Addons/79/moviebase/ | Script :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

PhpMesFilms 1.8 - SQL Injection Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

XLineSoft ASPRunner 1.0/2.x Database Direct Request Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/10799/info ASPRunner is reported prone to multiple vulnerabilities. The reported issues include SQL injection, cross-site scripting, information disclosure and unauthorized access to database files. ASPRunner versions 2.4...

7.1AI score
Exploits0
Dsquare
Dsquare
added 2014/05/07 12:0 a.m.46 views

POSH /portal/addtoapplication.php rssurl Parameter SQL Injection

SQL injection vulnerability in portal/addtoapplication.php in POSH aka Posh portal or Portaneo 3.0 before 3.3.0 allows remote attackers to execute arbitrary SQL commands via the rssurl parameter. Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

7.5CVSS3.3AI score0.02405EPSS
Exploits2References2
Rows per page
Query Builder