Lucene search
K

70 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-3388

Cross-site scripting XSS vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter...

5.8CVSS6AI score0.01726EPSS
Exploits0References4
NVD
NVD
added 2022/08/17 9:15 p.m.17 views

CVE-2022-35148

maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html...

6.5CVSS0.00587EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/08/17 8:56 p.m.13 views

CVE-2022-35148

maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html...

7AI score0.00587EPSS
Exploits1References1
CVE
CVE
added 2022/08/17 8:56 p.m.60 views

CVE-2022-35148

The CVE-2022-35148 entry concerns maccms10 versions from v2021.1000.1081 to v2022.1000.3031, where a SQL injection exists via the table parameter on the database/columns.html endpoint. Root cause: unsafe handling of the table parameter leads to injection. Impact is described as SQL injection; no ...

6.5CVSS6.7AI score0.00587EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/08/17 12:0 a.m.4 views

PT-2022-22600 · Maccms10 · Maccms10

Name of the Vulnerable Software and Affected Versions: maccms10 versions v2021.1000.1081 through v2022.1000.3031 Description: A SQL injection issue was found via the table parameter at the "database/columns.html" endpoint. Recommendations: For versions v2021.1000.1081 through v2022.1000.3031, avo...

6.5CVSS6.9AI score0.00587EPSS
Exploits1References2
OSV
OSV
added 2020/11/13 4:15 p.m.1 views

CVE-2020-21667

In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection...

7.2CVSS7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2019/10/04 8:55 p.m.12 views

CVE-2008-5621

Cross-site request forgery CSRF vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tblstructure.php with a modified table parameter. NOTE: other unspecified pages are also...

6CVSS8.6AI score0.0215EPSS
Exploits0References3
NVD
NVD
added 2019/09/22 3:15 p.m.19 views

CVE-2019-16696

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used...

9.8CVSS9.9AI score0.01881EPSS
Exploits1References1
OSV
OSV
added 2019/09/22 3:15 p.m.14 views

CVE-2019-16694

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used...

9.8CVSS8AI score
Exploits0References1
OSV
OSV
added 2019/09/22 3:15 p.m.14 views

CVE-2019-16692

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used...

9.8CVSS7.8AI score
Exploits0References2
Cvelist
Cvelist
added 2019/09/22 2:58 p.m.31 views

CVE-2019-16693

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used...

10AI score0.04338EPSS
Exploits3References2
Cvelist
Cvelist
added 2019/09/22 2:58 p.m.19 views

CVE-2019-16694

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used...

10AI score0.01881EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/09/22 2:58 p.m.21 views

CVE-2019-16696

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used...

10AI score0.01881EPSS
Exploits1References1
Prion
Prion
added 2017/03/20 4:59 p.m.11 views

Sql injection

Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson formerly ESBUS allow remote attackers to execute arbitrary SQL commands via the 1 TABLE parameter to esbus/servlet/GetSQLData or 2 QUERY parameter to KKLS9ReportingPortal/GetData...

7.5CVSS10AI score0.03974EPSS
Exploits5References4
Cvelist
Cvelist
added 2017/03/20 4:0 p.m.21 views

CVE-2017-6550

Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson formerly ESBUS allow remote attackers to execute arbitrary SQL commands via the 1 TABLE parameter to esbus/servlet/GetSQLData or 2 QUERY parameter to KKLS9ReportingPortal/GetData...

10AI score0.03974EPSS
Exploits5References4
CNVD
CNVD
added 2015/08/19 12:0 a.m.3 views

phpLiteAdmin Cross-Site Scripting Vulnerability

phpLiteAdmin is a software developer Dane Iracleous developed a set of PHP implementation and Web-based open-source SQLite database management tool . A cross-site scripting vulnerability exists in phpLiteAdmin version 1.1, which stems from a failure of the phpliteadmin.php script to adequately...

4.3CVSS6.2AI score0.03525EPSS
Exploits2References1
Debian CVE
Debian CVE
added 2015/08/18 5:0 p.m.15 views

CVE-2015-6518

Multiple cross-site scripting XSS vulnerabilities in phpLiteAdmin 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO, 2 droptable parameter, or 3 table parameter to phpliteadmin.php...

4.3CVSS5.7AI score0.03525EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2014/10/20 2:55 p.m.4 views

CVE-2012-5244

Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 return, 2 display, 3 table, or 4 search parameter to functions/suggest.php; 5 the id parameter to functions/widgets.php, 6 the category parameter to...

7.5CVSS6.3AI score0.015EPSS
Exploits5References8
Cvelist
Cvelist
added 2014/09/12 2:0 p.m.35 views

CVE-2014-4735

Cross-site scripting XSS vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php...

5.6AI score0.01854EPSS
Exploits3References5
OSV
OSV
added 2014/05/14 7:55 p.m.2 views

UBUNTU-CVE-2013-2226

Multiple SQL injection vulnerabilities in GLPI before 0.83.9 allow remote attackers to execute arbitrary SQL commands via the 1 usersidassign parameter to ajax/ticketassigninformation.php, 2 filename parameter to front/document.form.php, or 3 table parameter to ajax/comments.php...

7.5CVSS6.2AI score0.02768EPSS
Exploits2References2
Rows per page
Query Builder