3632 matches found
CVE-2024-0525 CXBSoft Url-shorting HTTP POST Request long_s_short.php sql injection
A vulnerability classified as critical has been found in CXBSoft Url-shorting up to 1.3.1. This affects an unknown part of the file /pages/longsshort.php of the component HTTP POST Request Handler. The manipulation of the argument longurl leads to sql injection. The exploit has been disclosed to...
CVE-2024-0525 CXBSoft Url-shorting HTTP POST Request long_s_short.php sql injection
A vulnerability classified as critical has been found in CXBSoft Url-shorting up to 1.3.1. This affects an unknown part of the file /pages/longsshort.php of the component HTTP POST Request Handler. The manipulation of the argument longurl leads to sql injection. The exploit has been disclosed to...
CVE-2024-0522
A vulnerability was found in Allegro RomPager 4.01. It has been classified as problematic. Affected is an unknown function of the file usertable.htm?action=delete of the component HTTP POST Request Handler. The manipulation of the argument username leads to cross-site request forgery. It is...
CVE-2024-0522 Allegro RomPager HTTP POST Request cross-site request forgery
A vulnerability was found in Allegro RomPager 4.01. It has been classified as problematic. Affected is an unknown function of the file usertable.htm?action=delete of the component HTTP POST Request Handler. The manipulation of the argument username leads to cross-site request forgery. It is...
CVE-2024-0522
CVE-2024-0522 originates from Allegro RomPager 4.01, where CSRF can be triggered via the HTTP POST Request Handler in the file usertable.htm?action=delete , allowing remote exploitation. The underlying issue is a manipulation of the username argument that enables cross-site request forgery. Affec...
CVE-2024-0522 Allegro RomPager HTTP POST Request cross-site request forgery
A vulnerability was found in Allegro RomPager 4.01. It has been classified as problematic. Affected is an unknown function of the file usertable.htm?action=delete of the component HTTP POST Request Handler. The manipulation of the argument username leads to cross-site request forgery. It is...
Allegro RomPager Cross-Site Request Forgery Vulnerability
Allegro is an open source Allegro cross-platform library primarily for video games and multimedia programming. A cross-site request forgery vulnerability exists in Allegro RomPager version 4.01, which stems from a cross-site request forgery CSRF vulnerability in the HTTP POST component of the fil...
Server side request forgery (ssrf)
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function httppost of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...
CVE-2024-0496
A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file itemlistedit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated...
CVE-2024-0495
A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file partysubmit.php of the component HTTP POST Request Handler. The manipulation of the argument partyname leads to sql injection. The attack can be initiat...
Sql injection
A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file itemlistedit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated...
Sql injection
A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file partysubmit.php of the component HTTP POST Request Handler. The manipulation of the argument partyname leads to sql injection. The attack can be initiat...
CVE-2024-0496 Kashipara Billing Software HTTP POST Request item_list_edit.php sql injection
A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file itemlistedit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated...
CVE-2024-0496 Kashipara Billing Software HTTP POST Request item_list_edit.php sql injection
A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file itemlistedit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated...
CVE-2024-0495
The CVE-2024-0495 entries indicate a SQL injection in Kashipara Billing Software 1.0, caused by unsanitized party_name input in party_submit.php (HTTP POST Handler). It is remotely exploitable with publicly disclosed exploit information. Affected component/file: party_submit.php; vulnerable input...
CVE-2024-0495 Kashipara Billing Software HTTP POST Request party_submit.php sql injection
A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file partysubmit.php of the component HTTP POST Request Handler. The manipulation of the argument partyname leads to sql injection. The attack can be initiat...
CVE-2024-0494
A vulnerability, which was classified as critical, was found in Kashipara Billing Software 1.0. This affects an unknown part of the file materialbill.php of the component HTTP POST Request Handler. The manipulation of the argument itemtypeid leads to sql injection. It is possible to initiate the...
Sql injection
A vulnerability, which was classified as critical, has been found in Kashipara Billing Software 1.0. Affected by this issue is some unknown functionality of the file submitdeliverylist.php of the component HTTP POST Request Handler. The manipulation of the argument customerdetails leads to sql...
Sql injection
A vulnerability, which was classified as critical, was found in Kashipara Billing Software 1.0. This affects an unknown part of the file materialbill.php of the component HTTP POST Request Handler. The manipulation of the argument itemtypeid leads to sql injection. It is possible to initiate the...
CVE-2024-0494 Kashipara Billing Software HTTP POST Request material_bill.php sql injection
A vulnerability, which was classified as critical, was found in Kashipara Billing Software 1.0. This affects an unknown part of the file materialbill.php of the component HTTP POST Request Handler. The manipulation of the argument itemtypeid leads to sql injection. It is possible to initiate the...