Lucene search
K

7 matches found

EUVD
EUVD
added 2026/04/05 9:30 p.m.6 views

EUVD-2019-20060

ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watchedsearches.php endpoint with crafted SQL payloads to extract...

8.8CVSS6.2AI score0.00422EPSS
Exploits1References5
NVD
NVD
added 2026/04/05 9:16 p.m.6 views

CVE-2019-25662

ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watchedsearches.php endpoint with crafted SQL payloads to extract...

8.8CVSS0.00422EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/05 8:45 p.m.20 views

CVE-2019-25662 ResourceSpace 8.6 SQL Injection via watched_searches.php

ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watchedsearches.php endpoint with crafted SQL payloads to extract...

8.8CVSS0.00422EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/05 8:45 p.m.4 views

CVE-2019-25662 ResourceSpace 8.6 SQL Injection via watched_searches.php

ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watchedsearches.php endpoint with crafted SQL payloads to extract...

8.8CVSS6.2AI score0.00422EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/05 8:45 p.m.5 views

CVE-2019-25662

ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watchedsearches.php endpoint with crafted SQL payloads to extract...

8.8CVSS6.2AI score0.00422EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/04/05 8:45 p.m.10 views

CVE-2019-25662

CVE-2019-25662 affects ResourceSpace 8.6 with an SQL injection in the watched_searches.php endpoint via the ref parameter. Unauthenticated attackers can send crafted GET requests to extract sensitive data (e.g., usernames and credentials). Public details document the vulnerability and its impact ...

8.8CVSS6.2AI score0.00422EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.12 views

PT-2026-30471

ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watched searches.php endpoint with crafted SQL payloads to extract...

8.8CVSS6.2AI score0.00422EPSS
Exploits1References5
Rows per page
Query Builder