27 matches found
CVE-2026-2831
The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
EUVD-2026-9025
The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2026-2831
The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2026-2831
The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2026-2831 MailArchiver <= 4.5.0 - Authenticated (Admininistrator+) SQL Injection via 'logid' Parameter
The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2026-2831 MailArchiver <= 4.5.0 - Authenticated (Admininistrator+) SQL Injection via 'logid' Parameter
The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2026-2831
CVE-2026-2831 affects the MailArchiver WordPress plugin (versions ≤ 4.5.0). It is an authenticated SQL Injection via the logid parameter, requiring Administrator-level access. Impact: potential extraction of sensitive data. Patch: fixed in 4.5.0; earlier versions are affected.
PT-2026-22334
The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
WordPress plugin MailArchiver SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress MailArchiver plugin <= 4.5.0 - Authenticated (Admininistrator+) SQL Injection via 'logid' Parameter vulnerability
Authenticated Admininistrator+ SQL Injection via 'logid' Parameter vulnerability discovered by Ronnachai Chaipha rxnr - Reconix Co., Ltd. in WordPress Plugin MailArchiver versions = 4.5.0...
CVE-2020-37105
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. Attackers can leverage this vulnerability by sending crafted requests to the /admin/sauvegarde/download.php...
CVE-2020-37105
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. Attackers can leverage this vulnerability by sending crafted requests to the /admin/sauvegarde/download.php...
EUVD-2020-30987
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. Attackers can leverage this vulnerability by sending crafted requests to the /admin/sauvegarde/download.php...
CVE-2020-37105
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands via the logid parameter to /admin/sauvegarde/download.php. Affected component is the download script; root cause is improper handling/validati...
CVE-2020-37105 PMB 5.6 - 'logid' SQL Injection
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. Attackers can leverage this vulnerability by sending crafted requests to the /admin/sauvegarde/download.php...
CVE-2020-37105 PMB 5.6 - 'logid' SQL Injection
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. Attackers can leverage this vulnerability by sending crafted requests to the /admin/sauvegarde/download.php...
PT-2026-5853
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. Attackers can leverage this vulnerability by sending crafted requests to the /admin/sauvegarde/download.php...
SIGB PMB SQL注入漏洞
SIGB PMB is an open-source integrated library management system developed by SIGB Corporation. Version 5.6 of SIGB PMB contains a SQL injection vulnerability. This vulnerability stems from the logid parameter in the management download script, which allows for SQL injections. As a result,...
EUVD-2023-1232
Malicious code in bioql PyPI...
bootplus 安全漏洞
bootplus is a permission management framework by JoeyBling Personal Developer. A security vulnerability exists in bootplus, which stems from the parameter logId in the file /admin/sys/log/list that can lead to SQL injection...