Lucene search
K

407 matches found

NVD
NVD
added 2026/05/23 7:16 p.m.14 views

CVE-2018-25348

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...

8.8CVSS0.00358EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/23 6:30 p.m.7 views

CVE-2018-25348

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...

8.8CVSS5.9AI score0.00358EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/23 6:30 p.m.9 views

CVE-2018-25348 Joomla! Component Ek Rishta 2.10 SQL Injection via user_detail

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...

8.8CVSS5.9AI score0.00358EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/23 6:30 p.m.16 views

CVE-2018-25348 Joomla! Component Ek Rishta 2.10 SQL Injection via user_detail

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...

8.8CVSS0.00358EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/23 12:0 a.m.11 views

Joomla Component Ek Rishta SQL注入漏洞

The Joomla component Ek Rishta is a Joomla-based dating and networking website component developed by the Ek Rishta team. Version 2.10 of the Ek Rishta component contains a SQL injection vulnerability. This vulnerability arises from injecting SQL code via the cid parameter, which may allow...

8.8CVSS5.9AI score0.00358EPSS
Exploits0References4
CVE
CVE
added 2026/04/08 10:45 p.m.14 views

CVE-2026-5813

PHPGurukul Online Course Registration 3.1 is affected by a SQL injection in the file /check_availability.php, triggered by manipulating the cid parameter. The vulnerability can be exploited remotely and the exploit is publicly available. The CVSS metrics indicate a Network attack vector, low comp...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/07 10:52 a.m.6 views

CVE-2026-5635

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

6.5CVSS5.7AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/06 9:31 a.m.6 views

EUVD-2026-19193

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

6.5CVSS5.7AI score0.00246EPSS
Exploits0References6
CVE
CVE
added 2026/04/06 7:45 a.m.16 views

CVE-2026-5635

CVE-2026-5635 affects PHPGurukul Online Shopping Portal Project 2.1. The vulnerability is in the Parameter Handler’s /categorywise-products.php, where manipulating the cid parameter leads to SQL injection. Attacks can be launched remotely and the exploit has been released publicly. Concrete remed...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.9 views

PT-2026-30580

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/12 6:30 p.m.2 views

EUVD-2019-19794

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send requests to haberarsiv.php with malicious cid values using UNION-based injecti...

8.8CVSS5.9AI score0.00451EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25517 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via haberarsiv.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send requests to haberarsiv.php with malicious cid values using UNION-based injecti...

8.8CVSS5.9AI score0.00451EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.6 views

CVE-2019-25517

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send requests to haberarsiv.php with malicious cid values using UNION-based injecti...

8.8CVSS5.9AI score0.00451EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.6 views

Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞

Jettweb PHP Preconfigured News Sites Script is a content management system developed by the Turkish company Jettweb. Version V1 of the Jettweb PHP Preconfigured News Sites Script has a SQL injection vulnerability. This vulnerability stems from the cid parameter, which allows for SQL injections. I...

8.8CVSS5.9AI score0.00451EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.9 views

PT-2026-24977

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send requests to haberarsiv.php with malicious cid values using UNION-based injecti...

8.8CVSS5.9AI score0.00451EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/23 7:25 p.m.7 views

CVE-2019-25433

XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerarpdf.php endpoint with malicious cid values to extract sensitive database...

8.8CVSS5.7AI score0.00262EPSS
Exploits0References1
NVD
NVD
added 2026/02/22 2:16 p.m.5 views

CVE-2019-25433

XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerarpdf.php endpoint with malicious cid values to extract sensitive database...

8.8CVSS0.00262EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/22 1:34 p.m.24 views

CVE-2019-25433 XOOPS CMS 2.5.9 SQL Injection via gerar_pdf.php

XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerarpdf.php endpoint with malicious cid values to extract sensitive database...

8.8CVSS0.00262EPSS
Exploits0References3
CVE
CVE
added 2026/02/22 1:34 p.m.20 views

CVE-2019-25433

XOOPS CMS 2.5.9 contains an SQL injection in gerar_pdf.php via the cid parameter that allows unauthenticated attackers to manipulate database queries and extract sensitive information. The vulnerability is triggered by special cid values in GET requests. Affected component: gerar_pdf.php in XOOPS...

8.8CVSS5.9AI score0.00262EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/22 1:34 p.m.7 views

CVE-2019-25433

XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerarpdf.php endpoint with malicious cid values to extract sensitive database...

8.8CVSS5.9AI score0.00262EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder