Lucene search
K

148 matches found

OSV
OSV
added 2024/09/11 12:15 p.m.4 views

CVE-2024-45787

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to transmission of sensitive information in plain text in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter through API request URL and intercepting response of the AP...

6.5CVSS5.8AI score0.00436EPSS
Exploits0References1
OSV
OSV
added 2024/09/11 12:15 p.m.4 views

CVE-2024-45786

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter through API request URL which could lead to gain unauthorized access to sensitive...

6.5CVSS5.8AI score0.00391EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/04/08 12:0 a.m.228 views

Open Source Medicine Ordering System 1.0 SQL Injection

Exploit Title : Open Source Medicine Ordering System v1.0 - SQLi Author : Onur Karasalihoğlu Date : 27/02/2024 Sample Usage % python3 omossqliexploit.py https://target.com Available Databases: 1. informationschema 2. omosdb Please select a database to use enter number: 2 You selected: omosdb...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2024/02/14 12:0 a.m.5 views

CU Solutions Group Content Management System Security Vulnerability

CU Solutions Group Content Management System CUSG CMS is a content management system from CU Solutions Group, Inc. A security vulnerability exists in CU Solutions Group Content Management System versions prior to v.7.75. A remote attacker can use this vulnerability to execute arbitrary code,...

6.1CVSS7AI score0.00606EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.8 views

PT-2023-30441 · Mercedes · Mercedes Me Ios App

Name of the Vulnerable Software and Affected Versions: Mercedes me IOS APP versions 1.34.0 and below Description: The issue allows attackers to view the maintenance orders of other users and access sensitive user information. Recommendations: For Mercedes me IOS APP versions 1.34.0 and below,...

5.3CVSS7AI score0.005EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/11/21 7:15 a.m.3 views

CVE-2023-46935

eyoucms v1.6.4 is vulnerable Cross Site Scripting XSS, which can lead to stealing sensitive information of logged-in users...

5.4CVSS5.8AI score0.00409EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/11/09 7:39 p.m.21 views

CVE-2023-5551 Moodle: forum summary report shows students from other groups when in separate groups mode

Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups...

3.3CVSS6.7AI score0.00278EPSS
Exploits0References3
NVD
NVD
added 2023/11/07 6:15 p.m.13 views

CVE-2022-41616

Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1...

8.8CVSS0.0082EPSS
Exploits0References1
OSV
OSV
added 2023/11/07 6:15 p.m.3 views

CVE-2022-41616

Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1...

8.8CVSS5.8AI score0.0082EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/07 5:17 p.m.14 views

CVE-2022-41616 WordPress Export Users Data CSV plugin <= 2.1 - Auth. CSV Injection vulnerability

A vulnerability in Kaushik Export Users Data CSV export-users-data-csv.This issue affects Export Users Data CSV: from n/a through = 2.1...

7.6CVSS8AI score0.0082EPSS
Exploits0References1
CVE
CVE
added 2023/11/07 5:17 p.m.51 views

CVE-2022-41616

The CVE-2022-41616 entry corresponds to a CSV injection vulnerability in the WordPress plugin Export Users Data CSV, affecting versions through 2.1. The root cause is improper neutralization of formula elements in CSV files generated by the plugin. Impact details are limited in the provided docum...

8.8CVSS8AI score0.0082EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/11/07 5:15 p.m.25 views

CVE-2022-46804

Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3...

8.8CVSS0.00802EPSS
Exploits0References1
OSV
OSV
added 2023/11/07 5:15 p.m.2 views

CVE-2022-46804

Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3...

8.8CVSS5.8AI score0.00802EPSS
Exploits0References1
Prion
Prion
added 2023/11/07 5:15 p.m.24 views

Input validation

Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3...

6.5CVSS7AI score0.00802EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/07 4:43 p.m.13 views

CVE-2022-46804 WordPress Export Users Data Distinct plugin <= 1.3 - CSV Injection

A vulnerability in narolainfotech Export Users Data Distinct export-users-data-distinct.This issue affects Export Users Data Distinct: from n/a through = 1.3...

5.8CVSS8.5AI score0.00802EPSS
Exploits0References1
CVE
CVE
added 2023/11/07 4:43 p.m.34 views

CVE-2022-46804

CVE-2022-46804 : WordPress plugin Export Users Data Distinct (

8.8CVSS8.5AI score0.00802EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/07 12:0 a.m.5 views

WordPress Plugin export-users-data-csv Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

8.8CVSS6.5AI score0.0082EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/11/07 12:0 a.m.3 views

WordPress Plugin export-users-data-distinct Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

8.8CVSS6.5AI score0.00802EPSS
Exploits0References3
NVD
NVD
added 2023/11/03 5:15 a.m.10 views

CVE-2023-38965

Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI...

9.8CVSS9.5AI score0.01264EPSS
Exploits4References3
OSV
OSV
added 2023/03/31 10:15 p.m.3 views

CVE-2022-47192

Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device, allowing him to replace the administrator password...

8.8CVSS5.8AI score0.01301EPSS
Exploits0References3
Rows per page
Query Builder