Search Vulnerabilities

amphp/http-server affected by HTTP/2 DDoS vulnerability

Adminer has an Unauthenticated Persistent DoS via Array Injection in ?script=version Endpoint

FroshAdminer Adminer UI is accessible without admin session

Craft CMS Vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior

Craft CMS: GraphQL Asset Mutation Privilege Escalation

Craft CMS Vulnerable to Stored XSS in Number Prefix & Suffix Fields

Craft CMS Vulnerable to SQL Injection in Element Indexes via `criteria[orderBy]`

Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via Alternative IP Notation

Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via HTTP Redirect

Craft CMS: save_images_Asset graphql mutation can be abused to exfiltrate AWS credentials of underlying host

Craft CMS Vulnerable to Stored XSS in Entry Types Name

OpenSTAManager has a SQL Injection in the Prima Nota module

OpenSTAManager has a SQL Injection vulnerability in the Scadenzario bulk operations module

OpenSTAManager has a Time-Based Blind SQL Injection with Amplified Denial of Service

OpenSTAManager has a Time-Based Blind SQL Injection in Article Pricing Module

OpenSTAManager has a SQL Injection in Scadenzario Print Template

OpenSTAManager has a SQL Injection in ajax_select.php (componenti endpoint)

OpenSTAManager has an OS Command Injection in P7M File Processing

Microweber has a Cross-site Scripting vulnerability

Microweber Cross-site Scripting vulnerability