109 matches found
CVE-2026-1105
A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...
CVE-2026-1105
A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...
CVE-2026-1105
A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...
EasyCMS SQL Injection Vulnerability
EasyCMS is a PHP-based website building system from the EasyCMS community. Versions of EasyCMS 1.6 and earlier have a SQL injection vulnerability. This vulnerability stems from incorrect handling of the order parameter in the File/UserAction.class.php file, which may lead to SQL injection attacks...
CVE-2026-1105 EasyCMS UserAction.class.php sql injection
A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...
CVE-2026-1105 EasyCMS UserAction.class.php sql injection
A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...
CVE-2026-1105
A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...
CVE-2026-1105
CVE-2026-1105 affects EasyCMS up to 1.6, with a flaw in the /UserAction.class.php file that allows manipulation of the _order argument, resulting in SQL injection. Documents from NVD/Red Hat indicate remote, publicly exploitable behavior and claim high impact (possible data disclosure/integrity/a...
PT-2026-3373
Name of the Vulnerable Software and Affected Versions EasyCMS versions up to 1.6 Description A flaw exists in EasyCMS that allows for remote code execution. The issue stems from the manipulation of the order argument within the /UserAction.class.php file, leading to a SQL injection. The exploit i...
CVE-2022-23358
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement...
EUVD-2018-2447
Malware in sbrugna...
EUVD-2020-17006
Malware in sbrugna...
EUVD-2018-8559
Malware in sbrugna...
EUVD-2018-4924
Malware in sbrugna...
EUVD-2018-8192
Malware in sbrugna...
EUVD-2018-8891
Malware in sbrugna...
EUVD-2018-2599
Malware in sbrugna...
EUVD-2019-15859
Malware in sbrugna...
EUVD-2018-8573
Malware in sbrugna...
EUVD-2022-28437
Malicious code in bioql PyPI...