CVE-2026-10256 itsourcecode Content Management System save_comment.php sql injection
A vulnerability was identified in itsourcecode Content Management System 1.0. This vulnerability affects unknown code of the file /savecomment.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...
CVE-2025-9100
A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /blog/comment of the component Frontend Blog Article Comment Handler. The manipulation leads to authentication bypass by capture-replay. The attack can be initiated remotely. The...
CVE-2020-21013
emlog v6.0.0 contains a SQL injection via /admin/comment.php...
Dormitory Management System SQL Injection Vulnerability
Dormitory Management System is a dormitory management system. A SQL injection vulnerability exists in Dormitory Management System version 1.0, which stems from a SQL injection vulnerability in the comment.php file...
Slims9 Bulian SQL Injection Vulnerability
Slims9 Bulian is a free and open source software from the Indonesian Slims community. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. Slims9 Bulian suffers from a SQL injection vulnerability that originates from a SQL...
GlFusion Cms Access Control Error Vulnerability
glFusion CMS is a content management and publishing system. glFusion CMS v1.7.9 is vulnerable to an access control error, which can be exploited by attackers via /publichtml/comment.php...
SQL Injection Vulnerability in IMGCMS comment.php File
IMGCMS is a CMS management program focused on the development of image-based websites. Built on a PHP+MySQL architecture, it can run on different platforms: Windows, Linux, Unix. A SQL injection vulnerability exists in the IMGCMS comment.php file. An attacker can exploit the vulnerability to obtain...
SQL Injection Vulnerability in appcms comment.php
APPCMS is a professional APP content management system. APPCMS comment.php suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to obtain sensitive database information or perform unauthorized operations...
Cross-site Scripting Vulnerability in EaseUS Content Management System
EECO Content Management System is a marketing enterprise website system developed based on SEO-friendliness. There is an XSS cross-site scripting vulnerability in EE Content Management System. The vulnerable file is comment.php; because the safecheck function does not filter completely, the...
YaPIG 0.95b Remote Code Execution Exploit
No description provided by source. <?php / This module adds a comment file in $giddir . $gid . "" .$phid file Each File will have this format if $SEPARATOR=":"; title:author:date:email:web:message\n if a message contains "\n" character, it will be replaced with "<br />" The variables receives by the...
yapig-exec.txt
" The variables received by the form POST: - integer $gid the gid of the gallery - integer $phid the phid of the image - string $tit title of the comment - string $author author name - string $mail comment author email - string $web comment author web - string $msg comment itself @package user ...