Lucene search
+L

5 matches found

ptsecurity
ptsecurity
added 2026/07/09 12:0 a.m.8 views

PT-2026-56957

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through = 1.3.6...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/04/03 12:0 a.m.6 views

PT-2026-29977

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsanitized IMAP SEARCH command arguments could lead to IMAP injection or CSRF bypass during mail search...

3.1CVSS5.9AI score0.00283EPSS
Exploits0References8
cvelist
cvelist
added 2025/11/16 4:17 a.m.9 views

CVE-2025-12482 Booking for Appointments and Events Calendar – Amelia <= 1.2.35 - Unauthenticated SQL Injection via search

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 1.2.35 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

7.5CVSS0.00317EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2023/03/30 12:0 a.m.8 views

PT-2023-17203 · Sourcecodester · Sourcecodester Young Entrepreneur E-Negosyo System

Name of the Vulnerable Software and Affected Versions: SourceCodester Young Entrepreneur E-Negosyo System version 1.0 Description: A critical issue has been found in the system, affecting the file index.php?q=product. The manipulation of the search argument leads to SQL injection. The attack can ...

9.8CVSS8.1AI score0.00492EPSS
Exploits0References4
attackerkb
attackerkb
added 2022/03/02 11:15 p.m.5 views

CVE-2022-26170

Simple Mobile Comparison Website v1.0 was discovered to contain a SQL injection vulnerability via the search parameter...

9.8CVSS6AI score0.01255EPSS
Exploits1References2
Rows per page
Query Builder