CVE-2018-25379 Collectric CMU 1.0 SQL Injection via lang Parameter

Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter that allows unauthenticated attackers to manipulate database queries during authentication. Attackers can inject SQL code through the lang parameter in login requests to extract sensitive informati...

PT-2026-21309

delpino73 Blue-Smiley-Organizer 1.32 contains an SQL injection vulnerability in the datetime parameter that allows unauthenticated attackers to manipulate database queries. Attackers can inject SQL code through POST requests to extract sensitive data using boolean-based blind and time-based blind...

Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress cp-multi-view-calendar.1.1.7 Unauthenticated SQL injection vulnerabilities Date: 2015-07-10 Google Dork: Index of /wordpress/wp-content/plugins/cp-multi-view-calendar Exploit Author: Joaquin Ramirez Martinez i0akiN...

WordPress Plugin CP Multi View Event Calendar 1.1.7 - SQL Injection

WordPress Plugin CP Multi View Event Calendar 1.1.7 - SQL Injection Exploit Title: WordPress cp-multi-view-calendar.1.1.7 Unauthenticated SQL injection vulnerabilities Date: 2015-07-10 Google Dork: Index of /wordpress/wp-content/plugins/cp-multi-view-calendar Exploit Author: Joaquin Ramirez...

InstantCMS SQL注入漏洞

CVECAN ID: CVE-2013-6839 InstantCMS是一款内容管理系统。 InstantCMS存在SQL注入漏洞，由于传递的"/catalog/id"的"orderby" HTTP POST参数未充分过滤，允许远程攻击者利用漏洞提交特制的SQL查询，可操作或获取数据库数据。 0 InstantCMS=1.10.3 厂商补丁： InstantCMS ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...