CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

NVD•added 2023/09/18 10:15 p.m.•12 views

CVE-2023-42454

SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly, with a database connection string specified in the sqlpage/sqlpage.json configuration file not in an environment variable, with the webroot is the current working...

10CVSS9.4AI score0.00101EPSS

Exploits1References3

Prion•added 2023/09/18 10:15 p.m.•12 views

Design/Logic Flaw

6.4CVSS9AI score0.00101EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/09/18 9:36 p.m.•15 views

CVE-2023-42454 SQLpage vulnerable to public exposure of database credentials

10CVSS9.5AI score0.00101EPSS

Exploits1References3

CVE•added 2023/09/18 9:36 p.m.•44 views

CVE-2023-42454

SQLpage CVE-2023-42454 affects versions before 0.11.1 where an exposed SQLPage instance stores the database connection string in sqlpage/sqlpage.json and the web_root is the default, allowing an attacker who can access the instance and the database to retrieve credentials and connect directly. Th...

10CVSS9.2AI score0.00101EPSS

Exploits1References3Affected Software1

NVD•added 2017/09/14 1:29 p.m.•17 views

CVE-2017-1002002

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/...

9.8CVSS9.4AI score0.51155EPSS

Exploits4References4

Prion•added 2017/09/14 1:29 p.m.•16 views

Design/Logic Flaw

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/...

7.5CVSS9.3AI score0.51155EPSS

Exploits4References4Affected Software1

OSV•added 2017/09/14 1:29 p.m.•2 views

CVE-2017-1002002

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/...

9.8CVSS5.8AI score0.51155EPSS

Exploits4References4

Cvelist•added 2017/09/14 1:0 p.m.•17 views

CVE-2017-1002002

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/...

9.4AI score0.51155EPSS

Exploits4References4

CVE•added 2017/09/14 1:0 p.m.•68 views

CVE-2017-1002002

The CVE-2017-1002002 entry describes a vulnerability in the WordPress plugin webapp-builder v2.0, where the plugin “includes unlicensed vulnerable CMS software from http://www.invedion.com/.” This indicates a root cause related to embedded third‑party CMS software within the plugin, exposing the ...

9.8CVSS9.3AI score0.51155EPSS

Exploits4References4Affected Software1