CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2026/01/09 10:40 a.m.•3 views

CVE-2022-35602

A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user...

9.8CVSS8.7AI score0.00245EPSS

Exploits0References1

RedhatCVE•added 2025/06/29 12:6 a.m.•4 views

CVE-2025-6738

A vulnerability, which was classified as critical, has been found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this issue is the function userDao.selectUserByUserNameLike of the file UserServiceImpl.java. The manipulation of the argument Username leads...

6.5CVSS6.6AI score0.00127EPSS

Exploits0References1

CVE•added 2025/06/27 12:0 a.m.•13 views

CVE-2025-6738

CVE-2025-6738 affects huija bicycleSharingServer (up to commit 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a). The vulnerability is in userDao.selectUserByUserNameLike in UserServiceImpl.java, where improper handling of the Username argument enables SQL injection. The issue is remotely exploitable and...

6.5CVSS7.6AI score0.00127EPSS

Exploits0References4

Positive Technologies•added 2025/06/27 12:0 a.m.•0 views

PT-2025-27027 · Unknown · Huija Bicyclesharingserver

Name of the Vulnerable Software and Affected Versions: huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a Description: A critical vulnerability has been found in the huija bicycleSharingServer, affecting the function userDao.selectUserByUserNameLike of the file...

6.5CVSS7.5AI score0.00127EPSS

Exploits0References9

RedhatCVE•added 2025/05/22 11:10 p.m.•3 views

CVE-2022-36257

A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc...

7.5CVSS8.6AI score0.00323EPSS

Exploits1References1

NVD•added 2022/09/12 4:15 a.m.•10 views

CVE-2022-36257

A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc...

7.5CVSS0.00323EPSS

Exploits1References3

Prion•added 2022/09/12 4:15 a.m.•7 views

Sql injection

A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc...

5CVSS8.1AI score0.00323EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2022/09/12 12:0 a.m.•1 views

PT-2022-23276 · Unknown · Sazanrjb Inventorymanagementsystem

Name of the Vulnerable Software and Affected Versions: sazanrjb InventoryManagementSystem version 1.0 Description: A SQL injection issue in UserDAO.java allows attackers to execute arbitrary SQL commands via parameters such as users and pass. This enables unauthorized access and manipulation of...

7.5CVSS8.1AI score0.00323EPSS

Exploits1References8

NVD•added 2022/08/18 2:15 a.m.•8 views

CVE-2022-35605

A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as 'users', 'pass', etc...

9.8CVSS0.00245EPSS

Exploits0References2

ATTACKERKB•added 2022/08/18 2:15 a.m.•1 views

CVE-2022-35602

A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user...

9.8CVSS7.7AI score0.00245EPSS

Exploits0References3

Cvelist•added 2022/08/18 1:26 a.m.•12 views

CVE-2022-35605

A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as 'users', 'pass', etc...

10AI score0.00245EPSS

Exploits0References2

Positive Technologies•added 2022/08/18 12:0 a.m.•2 views

PT-2022-22921 · Unknown · Sazanrjb Inventorymanagementsystem

Name of the Vulnerable Software and Affected Versions: sazanrjb InventoryManagementSystem version 1.0 Description: A SQL injection issue in UserDAO.java allows attackers to execute arbitrary SQL commands via parameters such as users and pass. Recommendations: For sazanrjb InventoryManagementSyste...

9.8CVSS9.8AI score0.00245EPSS

Exploits0References4

seebug.org•added 2015/11/30 12:0 a.m.•42 views

SiteServer cms系统modal_UserView.aspx页面 sql注入漏洞

1.漏洞代码。在Bin\UserCenter.Pages.dll文件中，UserCenter.BackgroundPages.Modal.UserView类的PageLoad方法中，可以见到如下代码： public void PageLoadobject sender, EventArgs e string text = base.Request.QueryString"UserName"; //获取UserName bool flag2; bool flag = flag2 ? 1u : 0u 4294967295u; ArrayList arrayList; if !flag if...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by