Lucene search
Php Melody Security Vulnerabilities
cve
In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
9.8CVSS
9.8AI Score
0.009EPSS
2017-10-24 06:29 AM
27
cve
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.
8.8CVSS
9.7AI Score
0.001EPSS
2017-10-18 02:29 AM
35
cve
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.
9.8CVSS
9.8AI Score
0.002EPSS
2017-10-18 02:29 AM
36
cve
In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter.
6.1CVSS
6AI Score
0.001EPSS
2022-10-03 04:23 PM
24
cve
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
9.8CVSS
9.9AI Score
0.002EPSS
2018-01-09 04:29 PM
22