Lucene search
K

33 matches found

OSV
OSV
added 2023/04/28 11:15 p.m.3 views

CVE-2023-2408

A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0. Affected by this issue is some unknown functionality of the file services/view.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotel...

6.5CVSS6.5AI score0.0063EPSS
Exploits1References3
OSV
OSV
added 2022/09/20 4:15 p.m.4 views

CVE-2022-35196

TestLink v1.9.20 was discovered to contain a Cross-Site Request Forgery CSRF via /lib/plan/planView.php...

8.8CVSS5.8AI score0.00411EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/06/14 12:0 a.m.6 views

The vulnerability of D-Link DIR816L router’s microprogramming software allows a hacker to gain access to the folder_view.php and category_view.php folders.

The vulnerability of D-Link DIR816L router’s microprogramming software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to the folders folderview.php and categoryview.php...

6.3CVSS7.2AI score0.38289EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/06/09 4:15 p.m.2 views

CVE-2022-2017

A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pms/admin/visits/viewvisit.php of the component Visit Handler. The manipulation of the argument id with the input...

7.2CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2022/02/16 5:15 p.m.4 views

CVE-2021-4134

The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the /inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensiti...

4.9CVSS5.8AI score0.01418EPSS
Exploits1References2
OSV
OSV
added 2017/09/12 6:29 p.m.3 views

CVE-2017-14345

SQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php...

9.8CVSS5.8AI score0.01097EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2017/03/08 12:0 a.m.5 views

PT-2017-17139

Name of the Vulnerable Software and Affected Versions webpagetest version 3.0 Description A Cross-Site Scripting XSS issue exists due to insufficient filtration of user-supplied data, specifically the bgcolor variable, passed to the "webpagetest-master/www/video/view.php" URL. This allows an...

6.1CVSS6.7AI score0.00836EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2012/05/24 12:0 a.m.4 views

PT-2012-2069 · Gr Board · Gboard

Name of the Vulnerable Software and Affected Versions: GR Board version 1.8.6.5 Community Edition Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the tableType or blindTarget parameter to "view.php", the delTargets0 parameter to "view...

7.5CVSS7.6AI score0.01199EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2011/11/01 10:55 p.m.2 views

CVE-2010-4979

SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the imageid parameter...

7.5CVSS6.4AI score0.0101EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2011/11/01 10:55 p.m.2 views

CVE-2010-4978

Cross-site scripting XSS vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the imageid parameter...

4.3CVSS5.7AI score0.01473EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2011/11/01 10:55 p.m.2 views

CVE-2010-5001

SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS6.4AI score0.01014EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2011/08/22 12:0 a.m.34 views

Web Solutions Wcs2u - SQL Injection

Title : Web Solutions Wcs2u SQL Injection Vulnerability Vendor or Software Link: : http://www.wcs2u.com/ Author : tempemendoan Contact : [email protected] Google Dork : inurl:"gorengan tempe" intext:"Engineered by WCS2U.COM" === POC === » http://website/index.php?id=SQL »...

7AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2007/12/21 7:46 p.m.2 views

CVE-2007-6508

Directory traversal vulnerability in view.php in xeCMS 1.0 allows remote attackers to read arbitrary files via a ..%2F dot dot slash in the list parameter...

7.5CVSS5.8AI score0.02886EPSS
Exploits1References7
Rows per page
Query Builder