13 matches found
CVE-2018-25319
Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myeventsid parameter. Attackers can send GET requests to the eventadd.php page with malicious myeventsid values to extract o...
CVE-2018-25319 Redaxo CMS Addon MyEvents 2.2.1 SQL Injection via event_add.php
Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myeventsid parameter. Attackers can send GET requests to the eventadd.php page with malicious myeventsid values to extract o...
EUVD-2018-21840
Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myeventsid parameter. Attackers can send GET requests to the eventadd.php page with malicious myeventsid values to extract o...
CVE-2018-25319 Redaxo CMS Addon MyEvents 2.2.1 SQL Injection via event_add.php
Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myeventsid parameter. Attackers can send GET requests to the eventadd.php page with malicious myeventsid values to extract o...
CVE-2018-25319
Vulnerability summary: Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection in the event_add.php flow via the myevents_id parameter. The issue can be exploited by authenticated users sending crafted GET requests to the event_add.php endpoint to influence database queries and potentially extr...
CVE-2018-25319
Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myeventsid parameter. Attackers can send GET requests to the eventadd.php page with malicious myeventsid values to extract o...
REDAXO-AddOn: MyEvents SQL注入漏洞
REDAXO-AddOn: MyEvents is a multilingual event management plugin developed by Joachim Wendenburg. Version 2.2.1 of REDAXO-AddOn: MyEvents contains an SQL injection vulnerability. This vulnerability arises from injecting SQL code through the myeventsid parameter, potentially allowing authenticated...
PT-2026-41545
Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myevents id parameter. Attackers can send GET requests to the event add.php page with malicious myevents id values to extrac...
Redaxo CMS Addon MyEvents SQL Injection
An SQL injection vulnerability exists in Redaxo. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Redaxo CMS Addon MyEvents 2.2.1 SQL Injection
Exploit Title: Redaxo CMS Addon MyEvents SQL Injection Backend Date: 01.03.2018 Exploit Author: h0n1gsp3cht Vendor Homepage: http://www.github.com/wende60/myevents Version: 2.2.1 Last Version Tested on: LinuxMint More: Login Required GET Vuln Code + redaxo/src/addons/myevents/pages/eventadd.php...
Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection
Exploit Title: Redaxo CMS Addon MyEvents SQL Injection Backend Date: 01.03.2018 Exploit Author: h0n1gsp3cht Vendor Homepage: http://www.github.com/wende60/myevents Version: 2.2.1 Last Version Tested on: LinuxMint More: Login Required GET Vuln Code + redaxo/src/addons/myevents/pages/eventadd.php...
Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Redaxo CMS Addon MyEvents SQL Injection Backend Exploit Author: h0n1gsp3cht Vendor Homepage: http://www.github.com/wende60/myevents Version: 2.2.1 Last Version Tested on: LinuxMint More: Login Required GET Vuln Code +...
Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection
Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection Exploit Title: Redaxo CMS Addon MyEvents SQL Injection Backend Date: 01.03.2018 Exploit Author: h0n1gsp3cht Vendor Homepage: http://www.github.com/wende60/myevents Version: 2.2.1 Last Version Tested on: LinuxMint More: Login Required GET Vuln Code +...