CVE-2017-14600

Pragyan CMS v3.0 is vulnerable to an Error-Based SQL injection in cms/admin.lib.php via $GET'delblack', resulting in Information Disclosure...

Malicious Package

Overview vue-admin-lib is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Sql injection

admin/Lib/Action/FpluginAction.class.php in FDCMS aka Fangfa Content Manage System 4.2 allows SQL Injection...

PT-2007-1946 · Phpadsnew · Openads

Name of the Vulnerable Software and Affected Versions: Openads aka phpAdsNew version 2.0.7 Description: Multiple PHP remote file inclusion issues allow remote attackers to execute arbitrary PHP code via a URL in the 1 phpAds geoPlugin parameter to "libraries/lib-remotehost.inc", the 2 filename...

CVE-2006-6415

CVE-2006-6415 describes a remote file inclusion risk in phpAdsNew 2.0.4-pr2, involving admin/lib-maintenance.inc.php and the phpAds_path parameter. Exploitation would allow remote PHP code execution via a URL. The issue is noted as disputed by CVE, since phpAds_path is used as a constant. Connect...