📦 Derbynet

by Derbynet

🔍 What is Derbynet?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-30922

CRITICAL CVSS 9.8 Apr 18, 2024

A critical SQL injection vulnerability in DerbyNet v9.0 allows remote attackers to execute arbitrary SQL commands via the where clause in award document rendering. This can lead to complete database c...

CVE-2024-31818

CRITICAL CVSS 9.8 Apr 12, 2024

A directory traversal vulnerability in DerbyNet v9.0 allows remote attackers to execute arbitrary code via the 'page' parameter in kiosk.php. This affects all systems running vulnerable DerbyNet insta...

CVE-2024-30928

HIGH CVSS 8.1 Apr 18, 2024

This SQL injection vulnerability in DerbyNet allows attackers to execute arbitrary SQL commands through the 'classids' parameter in the ajax/query.slide.next.inc endpoint. Attackers can potentially re...

CVE-2024-30920

HIGH CVSS 7.4 Apr 18, 2024

This Cross-Site Scripting (XSS) vulnerability in DerbyNet allows remote attackers to inject malicious scripts via the render-document.php component. When exploited, it enables arbitrary code execution...