Lucene search
K

174 matches found

CVE
CVE
added 2017/12/15 9:0 a.m.46 views

CVE-2017-17696

Techno - Portfolio Management Panel is affected by an information disclosure vulnerability through an invalid s parameter to panel/search.php, enabling disclosure of sensitive paths. The CVE notes impact as a path disclosure; affected versions include 2017-11-16 and earlier. Connected sources (CN...

4.3CVSS4.6AI score0.00708EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/12/15 9:0 a.m.17 views

CVE-2017-17696

Techno - Portfolio Management Panel through 2017-11-16 allows full path disclosure via an invalid s parameter to panel/search.php...

4.7AI score0.00708EPSS
Exploits1References1
CVE
CVE
added 2017/12/15 9:0 a.m.56 views

CVE-2017-17695

The CVE concerns Techno - Portfolio Management Panel with a SQL Injection vulnerability in the panel/search.php s parameter (affecting versions up to 2017-11-16). The CNVD entry explicitly describes a remote attacker manipulating the s parameter to execute SQL commands and potentially disclose da...

8.8CVSS9.1AI score0.00961EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/12/15 9:0 a.m.48 views

CVE-2017-17694

Techno – Portfolio Management Panel (up to 2017-11-16) is affected by a Cross‑Site Scripting flaw exploited via the panel/search.php?s parameter. The vulnerability allows injection of arbitrary web script/HTML, potentially leaking cookies (as indicated by CNVD) and other user data. Affected compo...

5.4CVSS5.2AI score0.00513EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/12/15 9:0 a.m.19 views

CVE-2017-17694

Techno - Portfolio Management Panel through 2017-11-16 allows XSS via the panel/search.php s parameter...

5.3AI score0.00513EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/12/15 9:0 a.m.21 views

CVE-2017-17695

Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter...

9.2AI score0.00961EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/12/15 9:0 a.m.20 views

CVE-2017-17693

Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel/portfolio.php?action=delete requests that remove feedback...

4.8AI score0.00553EPSS
Exploits1References1
NVD
NVD
added 2017/12/11 5:29 p.m.17 views

CVE-2017-17110

Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request...

9.8CVSS9.7AI score0.0858EPSS
Exploits1References2
Prion
Prion
added 2017/12/11 5:29 p.m.12 views

Sql injection

Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request...

7.5CVSS9.6AI score0.0858EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/12/11 5:0 p.m.19 views

CVE-2017-17110

Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request...

9.7AI score0.0858EPSS
Exploits1References2
CVE
CVE
added 2017/12/11 5:0 p.m.44 views

CVE-2017-17110

Techno Portfolio Management Panel 1.0 is affected by an SQL injection in the parameter 'id' of the single.php endpoint. The CNVD entry describes a SQL injection vulnerability that lets an attacker inject arbitrary SQL commands via single.php?id=, enabling data access/manipulation. The issue is co...

9.8CVSS9.5AI score0.0858EPSS
Exploits1References2Affected Software1
0day.today
0day.today
added 2017/12/05 12:0 a.m.18 views

Techno Portfolio Management Panel - id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Techno - Portfolio Management Panel 1.0 - SQL Injection Vendor Homepage: https://codecanyon.net/user/engtechno Software Link: https://codecanyon.net/item/techno-portfolio-management-panel/20919551 Demo: http://dacy.esy.es/eng/...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2017/12/05 12:0 a.m.33 views

Techno Portfolio Management Panel - 'id' SQL Injection

Exploit Title: Techno - Portfolio Management Panel 1.0 - SQL Injection Dork: N/A Date: 02.12.2017 Vendor Homepage: https://codecanyon.net/user/engtechno Software Link: https://codecanyon.net/item/techno-portfolio-management-panel/20919551 Demo: http://dacy.esy.es/eng/ Version: 1.0 Category: Webap...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/04/03 6:53 a.m.8 views

techno-science.ca XSS vulnerability

Vulnerable URL: http://techno-science.ca/en/collection-research/collection-item.php?id=...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/01/25 2:34 p.m.10 views

techno-co.pw Open Redirect vulnerability

Open Bug Bounty ID: OBB-209260 Description| Value ---|--- Affected Website:| techno-co.pw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/06/29 4:39 p.m.11 views

industrie-techno.com XSS vulnerability

Vulnerable URL: http://www.industrie-techno.com/recherche/%3Cscript%3Ealert'OPENBUGBOUNTY'%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 10:18 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/22 4:39 a.m.10 views

webmail.techno-path.com XSS vulnerability

Vulnerable URL: http://webmail.techno-path.com/-....--..1409474603/webmail/?color=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

6.3AI score
Exploits0
CNVD
CNVD
added 2015/11/01 12:0 a.m.3 views

Techno Project Japan Enisys Gw Arbitrary Code Execution Vulnerability

Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A security vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to write to arbitrary files and execute arbitrary code...

6.5CVSS7.5AI score0.01959EPSS
Exploits0References1
CNVD
CNVD
added 2015/11/01 12:0 a.m.2 views

Techno Project Japan Enisys Gw SQL Injection Vulnerability

Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A SQL injection vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to submit specially crafted SQL queries or obtain database data...

7.5CVSS8.1AI score0.01271EPSS
Exploits0References1
CNVD
CNVD
added 2015/11/01 12:0 a.m.5 views

Techno Project Japan Enisys Gw Cross-Site Scripting Vulnerability

Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A cross-site scripting vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to inject malicious script or HTML code that, when viewed with malicious data,...

4.3CVSS6.2AI score0.01171EPSS
Exploits0References1
Rows per page
Query Builder