22 matches found
EUVD-2017-17148
Malware in sbrugna...
EUVD-2021-27212
Malware in sbrugna...
EUVD-2025-21372
Malicious code in bioql PyPI...
CVE-2024-30951
FUDforum v3.1.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the chpos parameter at /adm/admsmiley.php...
CVE-2024-48710
In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities...
CVE-2021-25079
The Contact Form Entries WordPress plugin before 1.2.4 does not sanitise and escape various parameters, such as formid, status, enddate, order, orderby and search before outputting them back in the admin page...
CVE-2025-24787
WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The application uses string concatenation to build...
CVE-2024-42564
ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/inventory/delete?action=delete...
CVE-2024-39209
luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the score parameter...
CVE-2024-30630
Tenda FH1205 v2.0.0.7775 has a stack overflow vulnerability in the time parameter from saveParentControlInfo function...
PT-2023-30902 · Microsoft · Azure RTOS ThreadX
Name of the Vulnerable Software and Affected Versions: Azure RTOS ThreadX versions prior to 6.3.0. Description: Azure RTOS ThreadX is an advanced real-time operating system (RTOS) designed specifically for deeply embedded applications. An attacker can cause arbitrary read and write due to a...
CVE-2020-18667
SQL Injection vulnerability in WebPort =1.19.1 via the new connection, parameter name in type-conn...
CVE-2020-11833
In /SM8250QMaster/android/vendor/oppocharger/oppo/chargeric/oppomp2650.c, the function mp2650datalogwrite in mp2650datalogwrite does not check the parameter len which causes a vulnerability...
CVE-2011-1150
bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter...
XooDigital - 'p' SQL Injection
Exploit Title: XooDigital - 'p' SQL Injection Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://xooscripts.com/product/digital-download-protection-script.html Demo Site: http://xooscripts.com/demos/xoodigital/ Version: Latest Tested on: Kali Linux CVE: N/A ----- PoC :...
S9Y Serendipity 2.0.4 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications ======================================== Title: Serendipity-2.0.4 latest version - Stored Cross Site Scripting Application: Serendipity Class: Sensitive Information disclosure Versions Affected: alert'Meryem ExploitDB' HTTP Request POST...
SQL Injection Vulnerability in Asset Management System sysbh Parameter of Jinan Guozi Digital Technology Co.
The asset management system of Jinan Guozi Digital Technology Co., Ltd. is a sharing and management platform for precision instruments or large instruments. The product has a SQL injection vulnerability; the vulnerable URL is: http://host/dxyqsyspt/sysDetail.aspx?sysbh=000001 The...
SQL Injection Vulnerability in TUTUCMS System by Parameter
TUTUCMS is a CMS image management system focused on the development of image-based websites. TUTUCMS x2.6 has a SQL injection vulnerability because the system does not strictly filter by parameters, only the source code to do the corresponding code audit. This vulnerability allows attacke...
YYJIACMS v3.1 android.php subjectid parameter SQL injection vulnerability
No description provided by source...