CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2025/05/23 4:1 a.m.•5 views

CVE-2023-46727

GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.11, GLPI inventory endpoint can be used to drive a SQL injection attack. Version 10.0.11 contains a patch for the issue. As a workaround, disable native inventory...

9.8CVSS7.7AI score0.23296EPSS

Exploits0

Tenable Nessus•added 2024/02/15 12:0 a.m.•21 views

Palo Alto Networks PAN-OS 8.1.x < 8.1.25 / 9.0.x < 9.0.17 / 9.1.x < 9.1.16 / 10.0.x < 10.0.11 / 10.1.x < 10.1.6 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.25 or 9.0.x prior to 9.0.17 or 9.1.x prior to 9.1.16 or 10.0.x prior to 10.0.11 or 10.1.x prior to 10.1.6. It is, therefore, affected by a vulnerability. - A cross-site scripting XSS vulnerability in Palo Al...

6.8CVSS6.3AI score0.00533EPSS

Exploits0References2

NVD•added 2023/12/13 7:15 p.m.•14 views

CVE-2023-46727

9.8CVSS0.23296EPSS

Exploits0References3

NVD•added 2023/12/13 7:15 p.m.•14 views

CVE-2023-43813

GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.11, the saved search feature can be used to perform a SQL injection. Version 10.0.11 contains a patch for the issue...

8.8CVSS0.11469EPSS

Exploits0References3

Prion•added 2023/12/13 7:15 p.m.•22 views

Sql injection

7.5CVSS8.1AI score0.23296EPSS

Exploits0References3Affected Software1

OSV•added 2023/12/13 6:26 p.m.•22 views

CVE-2023-46727 GLPI SQL injection through inventory agent request

8.6CVSS9.6AI score0.23296EPSS

Exploits0References5

Cvelist•added 2023/12/13 6:26 p.m.•19 views

CVE-2023-46727 GLPI SQL injection through inventory agent request

8.6CVSS10AI score0.23296EPSS

Exploits0References3

Vulnrichment•added 2023/12/13 6:26 p.m.•15 views

CVE-2023-46727 GLPI SQL injection through inventory agent request

8.6CVSS7.7AI score0.23296EPSS

Exploits0References3

CVE•added 2023/12/13 6:25 p.m.•38 views

CVE-2023-46726

GLPI (free IT Asset Management) versions before 10.0.11 on PHP 7.4 are affected by CVE-2023-46726: LDAP server configuration form can be abused to execute arbitrary code uploaded as a GLPI document. Version 10.0.11 includes a patch. Remediation is to upgrade to a version containing the fix (per t...

9.8CVSS8.8AI score0.00122EPSS

Exploits0References3Affected Software1

Cvelist•added 2023/12/13 6:17 p.m.•18 views

CVE-2023-43813 glpi Authenticated SQL Injection

6.5CVSS9.3AI score0.11469EPSS

Exploits0References3

CNNVD•added 2023/12/13 12:0 a.m.•2 views

GLPI SQL Injection Vulnerability

GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner cartridg...

8.8CVSS7.7AI score0.11469EPSS

Exploits0References4

Prion•added 2020/09/11 5:15 p.m.•24 views

Remote code execution

A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations on-premises version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server. An authenticated attacke...

6.5CVSS7.1AI score0.00478EPSS

Exploits0References1Affected Software1

OSV•added 2020/08/17 7:15 p.m.•1 views

CVE-2020-1182

7.3CVSS7.7AI score0.14352EPSS

Exploits0References1

Positive Technologies•added 2020/08/17 12:0 a.m.•2 views

PT-2020-3765 · Microsoft · Dynamics 365 For Finance/Operations

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 for Finance and Operations on-premises version 10.0.11 Description: A remote code execution issue exists, allowing an attacker to gain remote code execution via server-side script execution on the victim server. An...

9CVSS7.8AI score0.14352EPSS

Exploits0References4