Lucene search
K

77 matches found

CNVD
CNVD
added 2019/05/23 12:0 a.m.2 views

Computrols CBAS Web SQL Injection Vulnerability

CBAS Web is a Web-based building management system BMS from Computrols. A SQL injection vulnerability exists in Computrols CBAS Web. The vulnerability stems from improper validation of parameters passed to different scripts. A remote authenticated attacker could exploit the vulnerability to execu...

8.8CVSS8.4AI score0.01751EPSS
Exploits1References1
CNVD
CNVD
added 2019/04/12 12:0 a.m.2 views

Heilongjiang Yitong Network Technology Development Co., Ltd. website building system has SQL injection vulnerability

Heilongjiang Yitong Network Technology Development Co., Ltd. is an enterprise website building system. There is a SQL injection vulnerability in Heilongjiang Yitong Network Technology Development Co., Ltd. that can be exploited by attackers to obtain sensitive information from the database...

7.6AI score
Exploits0
CNVD
CNVD
added 2019/04/10 12:0 a.m.3 views

Azure DevOps Server Elevation of Privilege Vulnerability

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. An elevation of privilege vulnerability exists in Microsoft Azure DevOps Server 2019,...

7.5CVSS6.9AI score0.03023EPSS
Exploits0References1
0day.today
0day.today
added 2019/03/20 12:0 a.m.41 views

Netartmedia PHP Dating Site - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia Php Dating Site - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/datingsite/ Demo Site: https://www.phpscriptdemos.com/dating/ Version: Lastest Tested on: Kali Linux CVE:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/03/20 12:0 a.m.42 views

Netartmedia PHP Dating Site SQL Injection

Exploit Title: Netartmedia Php Dating Site - SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/datingsite/ Demo Site: https://www.phpscriptdemos.com/dating/ Version: Lastest Tested on: Kali Linux CVE: N/A Description: PHP Dating Site is ...

1AI score
Exploits0
exploitpack
exploitpack
added 2019/03/20 12:0 a.m.21 views

Netartmedia PHP Dating Site - SQL Injection

Netartmedia PHP Dating Site - SQL Injection Exploit Title: Netartmedia Php Dating Site - SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/datingsite/ Demo Site: https://www.phpscriptdemos.com/dating/ Version: Lastest Tested on: Kali Lin...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/20 12:0 a.m.45 views

Netartmedia PHP Dating Site - SQL Injection

Exploit Title: Netartmedia Php Dating Site - SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/datingsite/ Demo Site: https://www.phpscriptdemos.com/dating/ Version: Lastest Tested on: Kali Linux CVE: N/A Description: PHP Dating Site is ...

7AI score
Exploits0
CNVD
CNVD
added 2019/03/19 12:0 a.m.1 views

Directory Traversal Vulnerability in NetSoft Zhicheng Classifieds Website System

NetSoft Zhicheng classifieds website system is a php mysql based website building system. NetSoft Zhicheng classifieds website system has a directory traversal vulnerability that can be exploited by attackers to obtain sensitive information...

6.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 4:39 a.m.21 views

Security Bulletin: ClearQuest Web parameter tampering to elevated privileges (CVE-2012-2164)

Summary The IBM Rational ClearQuest Web client is subject to an elevated privileges attack. This allows an attacker to access the Site Administration menu. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more...

5.5CVSS1.4AI score0.01107EPSS
Exploits0Affected Software1
Hacker One
Hacker One
added 2018/03/26 4:44 p.m.32 views

Sony: Remote Code Execution (RCE) in a Sony Pictures WebSystem

⠀...

2.2AI score
Exploits0
CNVD
CNVD
added 2017/08/02 12:0 a.m.1 views

Stored Cross-Site Scripting Vulnerability in DocCMS

Rice husk enterprise building system, also known as rice husk cms, doccms, formerly known as deep throat enterprise building system ShlCms, is the industry's leading free open source enterprise website building system, enterprise website generation system. DocCMS 2016 version of a stored cross-si...

6.7AI score
Exploits0
CNVD
CNVD
added 2017/07/15 12:0 a.m.2 views

SQL Injection Vulnerability in Hanchao B2B2C Multi-User Mall System Type Parameter

Hanchao B2B2C multi-user mall system is a PHP multi-user mall website system source code developed in PHP + MySQL. Hanchao B2B2C multi-user mall system type parameter SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...

8.1AI score
Exploits0
CNVD
CNVD
added 2017/02/19 12:0 a.m.1 views

SemCms asp version search box has SQL injection vulnerability

SemCms is a set of open source foreign trade enterprise website management system, mainly used for foreign trade enterprises, compatible with IE, Firefox and other mainstream browsers.SemCms using php and vb language writing, combined with apache or iis running. SemCms asp version of the search b...

7.5AI score
Exploits0
OSV
OSV
added 2017/01/23 9:59 p.m.4 views

CVE-2016-9012

CloudVision Portal CVP before 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle...

8.8CVSS5.8AI score0.01499EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/01/23 9:0 p.m.24 views

CVE-2016-9012

CloudVision Portal CVP before 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle...

8.6AI score0.01499EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2016/10/05 10:59 a.m.2 views

CVE-2016-8343

Directory traversal vulnerability in INDAS Web SCADA before 3 allows remote attackers to read arbitrary files via unspecified vectors...

7.5CVSS5.8AI score0.0357EPSS
Exploits0References3
CNVD
CNVD
added 2016/09/21 12:0 a.m.5 views

yiqicms system product-add.php has arbitrary file upload vulnerability

Yiqicms is the first marketing enterprise website system completely based on SEO-friendly development, using PHP+Mysql open source building system. Yiqicms 1.8 version of the background there are arbitrary file upload vulnerability. Allow attackers to exploit the vulnerability can upload any file...

7.1AI score
Exploits0
CNVD
CNVD
added 2016/04/08 12:0 a.m.1 views

MetInfo Cross-Site Scripting Vulnerability

MetInfo is an enterprise website management system with PHP Mysql architecture. MetInfo suffers from a cross-site scripting vulnerability. Allow attackers to insert malicious code, obtain user cookies, etc...

6.2AI score
Exploits0References1
CNVD
CNVD
added 2016/02/02 12:0 a.m.2 views

WEBSQUARE JOB-CUBE -JOB WEB SYSTEM and -JOB WEB SYSTEM High Income Cross-Site Scripting Vulnerabilities

WEBSQUARE JOB-CUBE -JOB WEB SYSTEM and -JOB WEB SYSTEM High Income are both web site construction systems from WEBSQUARE Japan. A cross-site scripting vulnerability exists in WEBSQUARE JOB-CUBE -JOB WEB SYSTEM versions prior to 1.2.2 and -JOB WEB SYSTEM High Income versions 1.0.6 and prior. A...

5.4CVSS6.1AI score0.0085EPSS
Exploits0References1
OSV
OSV
added 2016/01/30 3:59 p.m.3 views

CVE-2016-1144

Cross-site scripting XSS vulnerability in JOB-CUBE -JOB WEB SYSTEM before 1.2.2 and -JOB WEB SYSTEM High Income 1.0.6 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.9AI score0.0085EPSS
Exploits0References3
Rows per page
Query Builder