64 matches found
Online Fire Reporting System SQL注入漏洞
Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which originates from /ofrs/admin/?page=reports& date=Lack of validation of external input SQL statements, an...
CSCMS Music Portal System SQL注入漏洞
CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the lack of validation of the id parameter in /admin.php/singer/admin/singer/hy...
Simple Client Management System SQL注入漏洞(CNVD-2022-57772)
Simple Client Management System is a simple client management system from Carlo Montero's personal developer. version 1.0 of Simple Client Management System is vulnerable to SQL injection, which stems from a lack of validation of external SQL statements in /cms/admin/maintenance...
Online Sports Complex Booking System SQL注入漏洞
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. page=user/manageuser&id= lacks validation of external input SQL statements, which can be exploited to execute illegal SQL commands to steal sensitive database data...
EmpireCMS SQL注入漏洞
EmpireCMS Empire Content Management System is an open source content management system CMS. EmpireCMS version 7.5 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in AdClass.php and can be exploited to execute illegal SQL commands to steal...
Simple Real Estate Portal System SQL注入漏洞(CNVD-2022-43406)
Simple Real Estate Portal System is a real estate portal system from Carlo Montero's personal developer. Simple Real Estate Portal System v1.0 is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
Pagekit SQL Injection Vulnerability
Pagekit is a modular, lightweight CMS content management system. pagekit has a SQL injection vulnerability, which can be exploited by attackers to execute illegal SQL commands to steal sensitive data from the database...
forkcms SQL Injection Vulnerability (CNVD-2022-25983)
forkcms is an application. A CMS. forkcms version 5.11.1 previously contained a SQL injection vulnerability that stemmed from a lack of validation of externally entered SQL statements in the ids parameter of blog comments. An attacker could use this vulnerability to execute illegal SQL commands t...
Money Transfer Management System SQL Injection Vulnerability (CNVD-2022-83612)
Money Transfer Management System is a remittance management system. version 1.0 of Money Transfer Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the id parameter of mtms/admin/?page=transaction/viewdetails. An attacker...
Atom CMS SQL Injection Vulnerability
Atom CMS is a content management system. A SQL injection vulnerability exists in Atom CMS version 2.0, which stems from a missing validation of external input SQL statements in the id parameter of /admin/ajax/avatar.php. An attacker could use this vulnerability to execute illegal SQL commands to...
BloofoxCms SQL Injection Vulnerability
BloofoxCms is a Php based text content management system. A SQL injection vulnerability exists in BloofoxCms versions 0.5.1 inclusive to 0.5.2.1 inclusive due to the following parameters "URLs,langid,tmplid,modrewrite,etadoctype,metacharset,default group,page group" lacks validation of externally...
WordPress Wpcalc plugin SQL injection vulnerability
WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.The WordPress WPcalc plugin in version 2.1 and earlier is vulnerable to SQL injection, which stems from the plugin'...
Online Shopping Portal SQL Injection Vulnerability (CNVD-2021-103373)
Online Shopping Portal is an open source online shopping portal. A SQL injection vulnerability exists in Online Shopping Portal version 3.1, which can be exploited to execute illegal SQL commands to steal sensitive database data via the lack of validation of externally-entered SQL statements via...
Hacker steals govt database with info of entire Argentine population
By Deeba Ahmed Reportedly, the database also contains personal information of Argentinian President Alberto Fernández, football superstars Sergio Aguero and Lionel Messi. This is a post from HackRead.com Read the original post: Hacker steals govt database with info of entire Argentine population...
WordPress Plugin JoomSport 3.3 - SQL Injection
Exploit Title: JoomSport 3.3 – for Sports - SQL injection Google Dork: intext:powered by JoomSport - sport WordPress plugin Date:29/07/2019. Exploit Author: Pablo Santiago Vendor Homepage: https://beardev.com/ Software Link: https://wordpress.org/plugins/joomsport-sports-league-results-management...
Sql injection
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsportseason/new-yorkers/?action=playerlist sid parameter...
SQL Injection Vulnerability in MallBuilder
MallBuilder is a multi-user online shopping mall solution based on PHP+MYSQL. MallBuilder suffers from a SQL injection vulnerability. An attacker can use this vulnerability to steal database information and control the operating system...
SSHC 5.0 Encrypted Database Content Stealing
Exploit Title: SSHC v5.0 encrypted database content stealing Date: 03/06/2016 Author: Mickael Dorigny @ Synetis Vendor or Software Link: https://github.com/e2ma3n/sshc Version: 0.5 Category: data theft SSHC description : ====================================================================== When...
WordPress 1.2.1/1.2.2 link-manager.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site...
o0mBBS 0.65B SQL Injection
--------------------------------------- Author : L3b-r1'z Title : o0mBBS Sql Injection Date : 6/12/2012 Email : [email protected] Site : Sec4Ever.com & Exploit4arab.com Google Dork : allintext: "o0mBBS version 0.65B" Version : 0.65 --------------------------------------- 1 Bug 2 PoC...