7 matches found
CVE-2026-3410
CVE-2026-3410 affects itsourcecode Society Management System 1.0. The vulnerability resides in an unknown functionality of /admin/check_studid.php, where manipulating the student_id parameter enables SQL injection. Exploitation is described as possible remotely and publicly available, with high-s...
GHSA-MRMX-JFW8-QHGV Melis Platform CMS SQL Injection
SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEdition/getTinyTemplates' endpoint...
CVE-2025-10351 SQL injection vulnerability in Melis Platform
SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEdition/getTinyTemplates' endpoint...
PT-2025-41244
Name of the Vulnerable Software and Affected Versions Melis platform affected versions not specified Description A SQL injection issue exists in the melis-cms module of the Melis platform. This allows an attacker to retrieve, create, update, and delete databases. The vulnerability is located in t...
Product Show Room Site SQL注入漏洞
Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to a SQL injection vulnerability that originates in /psrs/admin/fields/managefield.php?id=page. SQL injection problem, an attacker can use this...
CVE-2022-29306
IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerability via the idpage parameter in application/models/articlemodel.php...
CVE-2018-16671
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id...