Lucene search
K

56 matches found

EUVD
EUVD
added 2026/02/03 2:31 p.m.4 views

EUVD-2025-206734

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Emit Information and Communication Technologies Industry and Trade Ltd. Co. Efficiency Management System allows SQL Injection.This issue affects Efficiency Management System: through 03022026. NOTE...

9.8CVSS5.6AI score0.00421EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 9:13 a.m.2 views

CVE-2025-4764

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection. This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

8.8CVSS5.5AI score0.00443EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2025/12/02 1:37 p.m.5 views

Iran-Linked Hackers Hit Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks

Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper...

6.1AI score
Exploits0
CNVD
CNVD
added 2024/02/05 12:0 a.m.59 views

SQL Injection Vulnerability in DedeCMS of Shanghai Zhuozhuo Network Technology Company Limited (CNVD-2024-13237)

DedeCMS is the most well-known PHP open source website management system, but also the use of the most users of the PHP class CMS system. Shanghai Zhuozhuo Network Technology Co., Ltd. DedeCMS SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive informatio...

7.9AI score
Exploits0
CNVD
CNVD
added 2022/06/27 12:0 a.m.29 views

74cms Cross-Site Scripting Vulnerability (CNVD-2022-58890)

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Company. 74cmsSE version v3.5.1 contains a cross-site scripting vulnerability, which originates from the path /company/service/increment/add/im missing data validation filters for user-supplied data and output. A...

4.3CVSS3.4AI score0.00617EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/27 12:0 a.m.38 views

74cms cross-site scripting vulnerability (CNVD-2022-58888)

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Company. 74cmsSE version v3.5.1 contains a cross-site scripting vulnerability that originates from the path /company/account/safety/trade lack of data validation filtering of user-supplied data and output. An...

4.3CVSS3.3AI score0.00617EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/27 12:0 a.m.26 views

74cms SQL Injection Vulnerability (CNVD-2022-58381)

74cms is an online recruitment system based on PHP and MySQL by China Xunyi Technology Company. A SQL injection vulnerability exists in 74cmsSE v3.5.1, which originates from the lack of validation of externally entered SQL statements in the keyword parameter of /home/campus/campusjob. An attacker...

7.5CVSS7.9AI score0.00901EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.35 views

74cms Cross-Site Scripting Vulnerability (CNVD-2022-58893)

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Company. 74cms version v3.5.1 contains a cross-site scripting vulnerability, which originates from the path /index/jobfairol/show/ lack of data validation filtering for user-supplied data and output. An attacker...

4.3CVSS3.3AI score0.00617EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/27 12:0 a.m.24 views

74cms cross-site scripting vulnerability (CNVD-2022-58891)

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Company. 74cmsSE version v3.5.1 contains a cross-site scripting vulnerability that originates from the path /company/viewbebrowsed/total missing data validation filters for user-supplied data and output. An...

4.3CVSS3.4AI score0.00617EPSS
Exploits1Affected Software1
OSV
OSV
added 2022/05/24 7:20 p.m.22 views

GHSA-XX36-6RV4-GJ8R ecdsa-elixir fails to check signatures, vulnerable to message forging

Summary Stark Bank is a financial technology company that provides services to simplify and automate digital banking, by providing APIs to perform operations such as payments and transfers. In addition, Stark Bank maintains a number of cryptographic libraries to perform cryptographic signing and...

9.8CVSS9.5AI score0.01022EPSS
Exploits1References6
CNVD
CNVD
added 2022/01/31 12:0 a.m.13 views

File Upload Vulnerability in Flash Flood Monitoring and Early Warning System of Siltronic Ltd (CNVD-2022-16624)

Siltronic Ltd. is a technology-based enterprise dedicated to the cause of disaster prevention and mitigation in China. A file upload vulnerability exists in the Flash Flood Monitoring and Early Warning System of Sicron Technology Co. Ltd, which can be exploited by attackers to gain control of the...

7.4AI score
Exploits0
CNVD
CNVD
added 2022/01/31 12:0 a.m.10 views

File Upload Vulnerability in Flash Flood Monitoring and Early Warning System of Siltronic Technology Limited (CNVD-2022-16623)

Siltronic Ltd. is a technology-based enterprise dedicated to the cause of disaster prevention and mitigation in China. A file upload vulnerability exists in the Flash Flood Monitoring and Early Warning System of Sicron Technology Co. Ltd, which can be exploited by attackers to gain control of the...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/06/20 12:0 a.m.14 views

Weak Password Vulnerability in TamronOS IPTV System

TamronOS Tenglong.com was founded in 2008, is a professional technology company specializing in Linux routing, authentication billing, caching system, IPTV system, VOD system development. TamronOS IPTV system suffers from a weak password vulnerability, which can be exploited by an attacker to log...

7.2AI score
Exploits0
CNVD
CNVD
added 2021/06/13 12:0 a.m.14 views

SQL Injection Vulnerability in NVS3000 Integrated Video Surveillance Platform of Datang Telecom Technology Co. Ltd (CNVD-2021-45156)

Datang Telecom Technology Co., Ltd. is a provider of products and integrated solutions in the field of information and communications. A SQL injection vulnerability exists in Datang Telecom Technology Co., Ltd.'s NVS3000 Integrated Video Surveillance Platform, which can be exploited by attackers ...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/06/06 12:0 a.m.2 views

Silicon Peak website builder system suffers from SQL injection vulnerability

Shaanxi Silicon Peak Network Technology Co., Ltd. is a high-end brand network company integrating "website design, software development, micro letter construction" and other informationization services. There is a SQL injection vulnerability in Silicon Peak's website builder system, which can be...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/06/03 12:0 a.m.3 views

Weak Password Vulnerability in Solarsys Marketing Routing System of Beijing Oriental Gosun Information Technology Co.

Oriental Gosun is a leading Chinese technology company integrating hardware production and platform operation, focusing on commercial Wi-Fi and media services, developing and providing localized commercial Wi-Fi solutions. A weak password vulnerability exists in the Solarsys marketing routing...

6.9AI score
Exploits0
CNVD
CNVD
added 2021/05/13 12:0 a.m.3 views

Shenzhen Tengxu IOT Technology Co., Ltd. behavioral management system has SQL injection vulnerability

Shenzhen Tengxu IOT Technology Co., Ltd. was founded in August 2013, is a collection of commercial wireless network product research and development design, manufacturing, sales and service as one of the Internet technology companies. Shenzhen Tengfox IOT Technology Co., Ltd. behavioral managemen...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/03/31 12:0 a.m.2 views

SQL Injection Vulnerability in the Website Building System of Bo.com Chasing New Technology (Beijing) Co.

Ltd. is a high-paying technology company dedicated to website construction. A SQL injection vulnerability exists in the website building system of Boonet Chase New Technology Beijing Co. An attacker can exploit the vulnerability to obtain sensitive information from the database...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/03/15 12:0 a.m.5 views

SQL injection vulnerability in the water information management platform of Shandong Weimicro Technology Co.(CNVD-2021-22467)

Shandong Weimicro Technology Co., Ltd. is a science and technology-oriented enterprise mainly engaged in technology research and development. Shandong Weimicro Technology Co., Ltd. water information management platform has a SQL injection vulnerability, which can be exploited by attackers to obta...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/02/17 12:0 a.m.2 views

Haiyan Chuangyi Software Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2021-16391)

Haiyan Chuangyi Software Technology Co., Ltd. is a high-tech enterprise specializing in research and development, application and service in the field of computer information technology. Haiyan Chuangyi Software Technology Co., Ltd. has a SQL injection vulnerability in its website building system...

7.5AI score
Exploits0
Rows per page
Query Builder