7 matches found

Veracode
added 2025/08/12 11:18 a.m., 3 views

SQL Injection

z-push/z-push-dev is vulnerable to SQL Injection. The vulnerability is due to unparameterized queries in the IMAP backend’s basic authentication username field, which allows an attacker to inject malicious SQL commands to access, modify, or delete sensitive data from a linked third-party database...

9.1 CVSS, 7.8 AI score, 0.00389 EPSS
Exploits 0, References 8, Affected Software 1

RedhatCVE
added 2025/02/05 4:26 p.m., 6 views

CVE-2020-16104

SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database. This issue affects:...

8.2 CVSS, 8.5 AI score, 0.00608 EPSS
Exploits 0

Drupal
added 2024/11/20 12:0 a.m., 12 views

Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008

Drupal core contains a potential PHP Object Injection vulnerability that if combined with another exploit could lead to Remote Code Execution. It is not directly exploitable. This issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to...

9.8 CVSS, 7.3 AI score, 0.09687 EPSS
Exploits 0, References 14

NVD
added 2020/12/14 8:15 p.m., 10 views

CVE-2020-16104

SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database. This issue affects:...

8.2 CVSS, 8.7 AI score, 0.00608 EPSS
Exploits 0, References 1

Prion
added 2020/12/14 8:15 p.m., 11 views

Sql injection

SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database. This issue affects:...

6.5 CVSS, 7.5 AI score, 0.00608 EPSS
Exploits 0, References 1, Affected Software 1

Tenable Nessus
added 2012/06/26 12:0 a.m., 41 views

Active Inbound Connection From Host Listed in Known Bot Database

This plugin has been temporarily disabled. According to the output from netstat, the remote host has an inbound connection from one or more hosts that are listed in a public database as part of a botnet. (C) Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2018/08/14. Disabling threat feed...

6.9 AI score
Exploits 0

NVD
added 2002/12/31 5:0 a.m., 11 views

CVE-2002-2301

Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database...

3.3 CVSS, 6.2 AI score, 0.00065 EPSS
Exploits 0, References 3