header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Show More

Docebo Suite <= 3.5.0.3 (lib.regset.php/non-blind) SQL injection exploit

Docebo Suite is vulnerable to a SQL injection vulnerability in the lib.regset.php/non-blind script. This vulnerability allows an attacker to inject arbitrary SQL commands and gain access to the database. The bug was found by EgiX and works with Mysql >= 4.1 and PHP 5.X. It can be exploited to perform credentials disclosure.

7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name
Docebo Suite
Platforms Tested
Mysql >= 4.1 and PHP 5.X
Affected Version
From:
3.5.0.3
To:
3.5.0.3
2009

Recent Exploits:

RDPGuard 9.9.9 – Privilege Escalation

author
Ahmet Ümit BAYRAM
vendor
RDPGuard
severity
6.1
HIGH

YesWiki Unauthenticated Path Traversal

author
Al Baradi Joy
vendor
YesWiki
severity
7.1
HIGH

ABB Cylon Aspect 3.08.02 Stored Cross-Site Scripting Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
ABB Ltd.
severity
6.1
HIGH

Apache ActiveMQ 6.1.6 – Denial of Service (DOS)

author
Abdualhadi khalifa
vendor
Apache
severity
6.1
HIGH

GeoVision GV-ASManager 6.1.1.0 – CSRF

author
Giorgi Dograshvili [DRAGOWN]
vendor
GeoVision
severity
6.1
HIGH

ABB Cylon FLXeon 9.3.4 WebSocket Command Spawning Vulnerability

author
Zero Science Lab
vendor
ABB Ltd.
severity
6.1
HIGH

GestioIP 3.5.7 – Stored Cross-Site Scripting Vulnerability

author
m4xth0r (Maximiliano Belino)
vendor
GestioIP
severity
6.1
HIGH

Cacti 1.2.26 – Remote Code Execution (RCE) (Authenticated)

author
D3Ext
vendor
Cacti
severity
6.1
HIGH

Exclusive Addons for Elementor ≤ 2.6.9 – Authenticated Stored Cross-Site Scripting (XSS)

author
Al Baradi Joy
vendor
exclusiveaddons
severity
5.1
MEDIUM

Kentico Xperience 13.0.178 – Cross Site Scripting (XSS)

author
Alex Messham
vendor
Kentico
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR