Lucene search
K

143 matches found

CVE
CVE
added 2026/05/30 2:55 p.m.26 views

CVE-2018-25417

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability via the quality parameter in quality.php. Unauthenticated attackers can send crafted SQL payloads to extract sensitive data (usernames, database names, version details). CVSS metrics indicate high severity (CVSS 3.1: 8.2; CVSS 4.0: 8.8)....

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/30 2:55 p.m.13 views

EUVD-2018-21938

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the country parameter. Attackers can send GET requests to country.php with crafted SQL payloads in the country parameter to extrac...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/30 2:55 p.m.15 views

CVE-2018-25414

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the actor parameter. Attackers can send GET requests to actor.php with crafted SQL payloads in the actor parameter to extract...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/30 2:55 p.m.28 views

CVE-2018-25414 AiOPMSD Final 1.0.0 SQL Injection via actor.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the actor parameter. Attackers can send GET requests to actor.php with crafted SQL payloads in the actor parameter to extract...

8.8CVSS0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/30 2:55 p.m.28 views

EUVD-2018-21936

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the actor parameter. Attackers can send GET requests to actor.php with crafted SQL payloads in the actor parameter to extract...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/30 2:55 p.m.10 views

CVE-2018-25415 AiOPMSD Final 1.0.0 SQL Injection via director Parameter

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the director parameter. Attackers can send GET requests to director.php with crafted SQL payloads in the director parameter to...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/30 2:55 p.m.12 views

EUVD-2018-21937

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the director parameter. Attackers can send GET requests to director.php with crafted SQL payloads in the director parameter to...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/30 2:55 p.m.9 views

CVE-2018-25413

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'q' parameter. Attackers can send GET requests to search.php with crafted SQL payloads to extract sensitive database informati...

8.8CVSS6.1AI score0.00276EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/30 2:55 p.m.10 views

CVE-2018-25410

SIM-PKH 2.4.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to /admin/media.php with module=pengurus and act=editpengurus parameters containing SQ...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/30 2:55 p.m.38 views

CVE-2018-25407 eNdonesia Portal 8.7 SQL Injection via mod.php

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/30 2:55 p.m.9 views

EUVD-2018-21929

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/30 12:0 a.m.9 views

eNdonesia Portal SQL注入漏洞

eNdonesia Portal is a system platform developed by eNdonesia’s individual developers, offering functions for portal content management and information publishing. Version 8.7 of eNdonesia Portal has a SQL injection vulnerability. This vulnerability arises from injecting malicious code through...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/30 12:0 a.m.8 views

SIM-PKH SQL注入漏洞

SIM-PKH is a community-based poverty alleviation data management system developed by Insan Sutejo. Version 2.4.1 of SIM-PKH contains an SQL injection vulnerability. This vulnerability arises from injecting malicious code through the id parameter, potentially allowing authenticated attackers to...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/30 12:0 a.m.11 views

AiOPMSD Final SQL注入漏洞

AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the year parameter, potentially allowing unauthenticated attackers to execute...

8.8CVSS6.2AI score0.00276EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.14 views

PT-2026-45117

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the quality parameter. Attackers can send GET requests to quality.php with crafted SQL payloads in the quality parameter to extrac...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.14 views

PT-2026-45118

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the year parameter. Attackers can send GET requests to year.php with crafted SQL payloads in the year parameter to extract sensiti...

8.8CVSS6.1AI score0.00276EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.13 views

PT-2026-45116

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the country parameter. Attackers can send GET requests to country.php with crafted SQL payloads in the country parameter to extrac...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.17 views

PT-2026-45114

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the actor parameter. Attackers can send GET requests to actor.php with crafted SQL payloads in the actor parameter to extract...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/30 12:0 a.m.13 views

AiOPMSD Final SQL注入漏洞

AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the quality parameter, potentially allowing unauthenticated attackers to execute...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/30 12:0 a.m.12 views

Yot CMS SQL注入漏洞

Yot CMS is a content management system developed by Yot Corporation. Version 3.3.1 of Yot CMS has a SQL injection vulnerability. This vulnerability stems from the use of parameters named aid and cid, which can allow unauthorized attackers to execute arbitrary SQL queries by injecting malicious...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
Rows per page
Query Builder