121 matches found
The vulnerability of the Shops module in the NukeViet content management system allows a hacker to execute arbitrary SQL code.
The vulnerability of the Shops module in the NukeViet content management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code through the listid parameter in the detail.php script, ...
Vinades NukeViet SQL注入漏洞
Vinades NukeViet is an open source Content Management System CMS from Vinades Vietnam. A SQL injection vulnerability exists in NukeViet CMS due to a failure to filter special characters in the listid parameter on the detail.php page of the product store module and the groupprice and groupid...
CVE-2020-21809
SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the 1 listid parameter in detail.php and the 2 groupprice or groupid parameters in searchresult.php...
CVE-2020-21809
Summary: CVE-2020-21809 is a SQL Injection vulnerability in the NukeViet CMS module Shops affecting versions 4.0.29 and 4.3, exploitable via improper handling of input parameters (listid in detail.php; group_price or groupid in search_result.php). The vulnerability is documented with high/critica...
CVE-2018-19772
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters...
CVE-2018-19817
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/AdminAuthorisationFrame.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...
CVE-2018-19773
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters...
CVE-2018-19810
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/GroupMove.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter...
CVE-2018-19773
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters...
CVE-2018-19775
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "Variables.jsp" has reflected XSS via the ConnPoolName and GroupId parameters...
CVE-2018-19774
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters...
CVE-2018-19774
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters...
CVE-2018-19814
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/Subscriptions.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...
CVE-2018-19813
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/Subscribers.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...
CVE-2018-19812
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/SubFolderPackages.jsp" has reflected XSS via the GroupId parameter...
Cross site scripting
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "Variables.jsp" has reflected XSS via the ConnPoolName and GroupId parameters...
Cross site scripting
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/AdminAuthorisationFrame.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...
CVE-2018-19768
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "SubPagePackages.jsp" has reflected XSS via the ConnPoolName and GroupId parameters...
Cross site scripting
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/Subscribers.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...
Cross site scripting
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "PresentSpace.jsp" has reflected XSS via the ConnPoolName and GroupId parameters...