Lucene search
K

168 matches found

OSV
OSV
added 2022/01/25 1:15 p.m.5 views

CVE-2021-45803

MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this view parameter value is added to the SQL query without additional verification when viewing reservation...

8.8CVSS7.3AI score0.01179EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/01/25 12:56 p.m.29 views

CVE-2021-45803

MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this view parameter value is added to the SQL query without additional verification when viewing reservation...

9.3AI score0.01179EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/01/25 12:0 a.m.7 views

MartDevelopers Iresturant SQL注入漏洞

MartDevelopers Iresturant is an open source lightweight restaurant Erp from MartDevelopers Kenya. used to integrate social restaurant operations into one system. a SQL injection vulnerability exists in MartDevelopers iResturant v1.0, which stems from adding this when viewing a reservation view...

8.8CVSS6.1AI score0.01179EPSS
Exploits1References3
Veracode
Veracode
added 2020/04/10 12:22 a.m.25 views

Privilege Escalation

mysql is vulnerable to privilege escalation. A flaw was found in a way MySQL handled the "DEFINER" view parameter. A user with the "ALTER VIEW" privilege for a view created by another database user, could modify that view to get access to any data accessible to the creator of said view...

3.5CVSS2.9AI score0.02226EPSS
Exploits2References27Affected Software1
OSV
OSV
added 2019/03/21 4:1 p.m.3 views

CVE-2019-7424

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to...

6.1CVSS6.4AI score
Exploits0References3
CNVD
CNVD
added 2019/03/14 12:0 a.m.2 views

Joomla Component XMap SQL Injection Vulnerability

Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla component XMap. The flaw is due to input passed to 'index.php' via the 'view=' and 'itemID=' parameters failing to be properly filtered before being used in SQL queries. An attacker could...

8.1AI score
Exploits0References1
OSV
OSV
added 2019/02/04 7:29 p.m.3 views

DEBIAN-CVE-2019-7339

POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'level' parameter value in the view log log.php because proper filtration is omitted...

6.1CVSS8.2AI score0.00874EPSS
Exploits1References1
OSV
OSV
added 2019/01/24 3:29 p.m.5 views

DEBIAN-CVE-2019-6777

An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in web/skins/classic/views/plugin.php via the zm/index.php?view=plugin pl parameter...

6.1CVSS9AI score0.01016EPSS
Exploits1References1
Prion
Prion
added 2018/01/10 9:29 a.m.15 views

Design/Logic Flaw

Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/spacepoll.php, as demonstrated by a mod=space do=poll request to home.php...

3.5CVSS5.2AI score0.00641EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/01/10 9:29 a.m.17 views

CVE-2018-5331

Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/spacepoll.php, as demonstrated by a mod=space do=poll request to home.php...

5.4CVSS5.3AI score0.00641EPSS
Exploits1References1
OSV
OSV
added 2018/01/10 9:29 a.m.6 views

CVE-2018-5331

Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/spacepoll.php, as demonstrated by a mod=space do=poll request to home.php...

5.4CVSS5.8AI score0.00641EPSS
Exploits1References1
CVE
CVE
added 2018/01/10 9:0 a.m.39 views

CVE-2018-5331

Discuz! DiscuzX X3.4 is affected by a cross-site scripting (XSS) vulnerability triggered by the view parameter sent to include/space/space_poll.php, demonstrated by a mod=space do=poll request to home.php. Multiple connected sources document the issue, but none provide exploit steps or concrete r...

5.4CVSS5.2AI score0.00641EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/01/10 9:0 a.m.18 views

CVE-2018-5331

Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/spacepoll.php, as demonstrated by a mod=space do=poll request to home.php...

5.3AI score0.00641EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/02 12:0 a.m.5 views

Muslim Matrimonial Script Cross-Site Scripting Vulnerability (CNVD-2018-01241)

Muslim Matrimonial Script is a community matrimonial script for matrimonial websites by PHP Scripts Mall. A cross-site scripting vulnerability exists in PHP Scripts Mall Muslim Matrimonial Script. The vulnerability can be exploited to conduct cross-site scripting attacks via the admin/stateview.p...

4.8CVSS6.5AI score0.00496EPSS
Exploits1References1
Prion
Prion
added 2017/12/28 6:29 p.m.16 views

Code injection

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view.php usid parameter...

4.3CVSS6AI score0.00688EPSS
Exploits1References1
CNVD
CNVD
added 2017/12/28 12:0 a.m.6 views

PHP Scripts Mall Professional Service Script Cross-Site Scripting Vulnerability

Professional Service Script is a script from PHP Scripts Mall with search, task creation and task management features. A cross-site scripting vulnerability exists in PHP Scripts Mall Professional Service Script. A remote attacker can exploit this vulnerability via the view parameter in...

4.8CVSS6.5AI score0.0054EPSS
Exploits1References1
CNVD
CNVD
added 2017/08/29 12:0 a.m.6 views

phpMyBackupPro path traversal vulnerability (CNVD-2017-30647)

phpMyBackupPro is a free web-based MySql backup tool. The tool supports automatic backup, timed backup, off-site backup MySql database. A directory traversal vulnerability exists in the getfile.php file in phpMyBackupPro versions 2.1 through 2.5. A remote attacker can read arbitrary files with th...

7.5CVSS7.6AI score0.11574EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/29 12:0 a.m.7 views

phpMyBackupPro Path Traversal Vulnerability

phpMyBackupPro is a free web-based MySql backup tool. The tool supports automatic backup, timed backup, off-site backup MySql database. A directory traversal vulnerability exists in the getfile.php file in phpMyBackupPro versions 2.1 through 2.4. A remote attacker can read arbitrary files with th...

7.5CVSS7.5AI score0.02921EPSS
Exploits0References1
Prion
Prion
added 2017/08/25 6:29 p.m.14 views

Directory traversal

Directory traversal vulnerability in getfile.php in phpMyBackupPro 2.1 through 2.5 allows remote attackers to read arbitrary files via a .. dot dot in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this...

5CVSS7.5AI score0.11574EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/03/15 12:0 a.m.3 views

Joomla com_kide plugin 'view' parameter SQL injection vulnerability

Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the 'view' parameter of the Joomla comkide plugin. An attacker can exploit the vulnerability to access or modify database data...

8AI score
Exploits0References1
Rows per page
Query Builder