48 matches found
CVE-2018-13354
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter...
CVE-2018-13354
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter...
Sql injection
SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL queries via the "Event" parameter...
CVE-2018-13350
SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL queries via the "Event" parameter...
WordPress eventr 'event' parameter SQL injection vulnerability
WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language, the platform supports in PHP and MySQL server set up a personal blog site.WordPress eventr is an Indian software developer Binny VA for WordPress developed a blog event management plugin. A...
CVE-2017-1002018
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter...
CVE-2017-1002019
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and eventform.php code do not sanitize input, this allows for blind SQL injection via the event parameter...
CVE-2002-0962
Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via 1 the url variable in the Link field of a calendar event, 2 the topic parameter in index.php, or 3 the title parameter in comment.php...