7210 matches found
CVE-2017-15984
Creative Management System CMS Lite 1.4 allows SQL Injection via the S parameter to index.php...
CVE-2017-15984
Creative Management System CMS Lite 1.4 allows SQL Injection via the S parameter to index.php...
Sql injection
Creative Management System CMS Lite 1.4 allows SQL Injection via the S parameter to index.php...
CVE-2017-15984
Creative Management System CMS Lite 1.4 allows SQL Injection via the S parameter to index.php...
CVE-2017-15961
iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php...
Sql injection
iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php...
Sql injection
PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...
CVE-2017-15970
PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...
CVE-2017-15961
iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php...
CVE-2017-15970
PHP CityPortal 2.0 is vulnerable to SQL Injection through the nid parameter in index.php (page=news action) or the cat parameter. The issue is documented across multiple sources (NVD entry CVE-2017-15970, CNVD/CNVD-2017-35824, Exploit-DB/0day entries, etc.). Public proof-of-concept and exploit in...
Sql injection
In the comtag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the tag parameter to index.php. The request method to execute is GET...
CVE-2017-15946
In the comtag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the tag parameter to index.php. The request method to execute is GET...
CVE-2017-15946
Summary: CVE-2017-15946 affects Joomla!’s com_tag component version 1.7.6, with a SQL injection in the tag parameter of index.php via a GET request. Root cause: improper handling/interpolation of user-supplied input allowing arbitrary SQL execution. Impact (as stated): compromises of confidential...
CVE-2017-15933
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface aka eonweb 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacityperdevice/index.php...
CVE-2011-4333
Multiple cross-site scripting XSS vulnerabilities in LabWiki 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 from parameter to index.php or the 2 pageno parameter to recentchanges.php...
CVE-2011-4333
Multiple cross-site scripting XSS vulnerabilities in LabWiki 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 from parameter to index.php or the 2 pageno parameter to recentchanges.php...
CVE-2017-15380
The CVE-2017-15380 entry corresponds to a cross‑site scripting (XSS) vulnerability in E‑SIC version 1.0, exploitable via the /cadastro/index.php registration page and the nome parameter. Public references indicate a potential remote script injection vector, with impacts limited to user context (n...
Kaltura 13.2.0 - Remote Code Execution
Kaltura 13.2.0 - Remote Code Execution !/usr/bin/env python Kaltura = 13.1.0 RCE CVE-2017-14143 https://telekomsecurity.github.io/2017/09/kaltura-rce.html $ python kalturarce.py "https://example.com" 0xxxxxxxx "system'id'" host: https://example.com entryid: 0xxxxxxxx code: system'id' + sending...
casamayor-realestate.com XSS vulnerability
Vulnerable URL: http://www.casamayor-realestate.com/si/index.php?seccion="'--!...
mamaija.pl XSS vulnerability
Vulnerable URL:...