92966 matches found
CVE-2019-25541
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...
CVE-2019-25541
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. The affected vectors include id in index.php and Email in loginaction.php, enabling time-based blind payloads to extract sen...
CVE-2019-25541 Netartmedia PHP Mall 4.1 Multiple SQL Injection
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...
CVE-2019-25540 Netartmedia PHP Mall 4.1 Multiple SQL Injection
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attackers can craft malicious requests with SQL payloads to extract sensitive database information includi...
CVE-2019-25540 Netartmedia PHP Mall 4.1 Multiple SQL Injection
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attackers can craft malicious requests with SQL payloads to extract sensitive database information includi...
CVE-2019-25540
Netartmedia PHP Mall 4.1 is affected by multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries via various parameters. The attacks can exfiltrate sensitive data, including user credentials and system information. The description does not specify...
CVE-2019-25539
CVE-2019-25539 affects 202CMS v10 beta. The vulnerability is a blind, time-based SQL injection in the log_user parameter via POST to index.php, exploitable by unauthenticated attackers to extract sensitive database information. Impact details from the entry indicate high confidentiality impact an...
CVE-2019-25535 Netartmedia PHP Dating Site SQL Injection via loginaction.php
Netartmedia PHP Dating Site contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with time-based SQL injection payloads in the Email field ...
CVE-2019-25533
Netartmedia PHP Business Directory 4.2 is affected by an SQL injection in the loginaction.php Email field, enabling unauthenticated attackers to manipulate database queries. This can lead to sensitive data disclosure and potential authentication bypass. The vulnerability impact is described as hi...
CVE-2019-25532 Netartmedia Jobs Portal 6.1 SQL Injection via loginaction.php
Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with crafted SQL payloads in the Email field to extract...
CVE-2019-25530 uHotelBooking System Lastest SQL Injection via system_page Parameter
uHotelBooking System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the systempage GET parameter. Attackers can send crafted requests to index.php with malicious systempage values using time-based blind SQ...
CVE-2019-25524
CVE-2019-25524 affects XooGallery Latest, where an SQL injection via the unvalidated GET parameter āpā in results.php allows unauthenticated attackers to manipulate queries, potentially extracting data or altering DB contents and bypassing authentication. The CVSS metrics indicate high impact (C:...
CVE-2019-25523
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to cat.php with malicious catid values to bypass authentication, extract sensitive data...
CVE-2019-25522
XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through the photoid parameter. Attackers can send GET requests to photo.php with malicious photoid values to extract sensitive data, bypass...
CVE-2019-25521 XooGallery Lastest Latest SQL Injection via gal.php gal_id
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galid parameter. Attackers can send GET requests to gal.php with malicious galid values to extract sensitive database information or...
CVE-2019-25521 XooGallery Lastest Latest SQL Injection via gal.php gal_id
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galid parameter. Attackers can send GET requests to gal.php with malicious galid values to extract sensitive database information or...
CVE-2019-25517
The CVE covers Jettweb PHP Hazir Haber Sitesi Scripti V1 with an SQL injection vulnerability in the haberarsiv.php script. The vulnerability is triggered via the cid parameter, allowing unauthenticated attackers to perform UNION-based injections to extract sensitive database information or modify...
CVE-2019-25516 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via gallery.php
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...
CVE-2019-25513 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection via datagetir.php
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...
CVE-2019-25511
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...