| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. |
| Jenkins GitLab Plugin 1.5.31 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. |
| Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server. |
| Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library does not implement access control, potentially allowing users to start processes even if they're not allowed to log in. |
| A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter. |
| School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/daily_collection_report.php. |
| Room-rent-portal-site v1.0 is vulnerable to SQL Injection via /rrps/classes/Master.php?f=delete_category, id. |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=update_application_status |
| Wedding Management System v1.0 is vulnerable to SQL Injection. via Wedding-Management/admin/select.php. |
| Wedding Management System v1.0 is vulnerable to SQL Injection. via /Wedding-Management/admin/budget.php?booking_id=. |
| Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_manage_account_details.php?booking_id=31&user_id= |
| Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_edit.php?booking=31&user_id=. |
| Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_assign.php?booking=31&user_id=. |
| Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/wedding_details.php. |
| Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\feature_edit.php. |
| Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\users_edit.php. |
| Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php. |
| Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php. |
| Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php. |
| Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\client_edit.php. |