5 matches found
Sql injection
PG All Share Video 1.0 allows SQL Injection via the PATHINFO to search/tag, friends/index, users/profile, or videocatalog/category...
CVE-2017-15969
PG All Share Video 1.0 allows SQL Injection via the PATHINFO to search/tag, friends/index, users/profile, or videocatalog/category...
CVE-2017-15969
PG All Share Video 1.0 allows SQL Injection via the PATHINFO to search/tag, friends/index, users/profile, or videocatalog/category...
CVE-2017-15969
PG All Share Video 1.0 allows SQL Injection via the PATHINFO to search/tag, friends/index, users/profile, or videocatalog/category...
CVE-2017-15969
CVE-2017-15969 affects PG All Share Video 1.0. Description from CNVD/NVD indicates a SQL injection vulnerability exploitable via PATH_INFO in endpoints such as /search/tag, /friends/index, /users/profile, and /video_catalog/category. The root cause is unsanitized PATH_INFO allowing injected SQL c...