86 matches found
CVE-2021-37475
In NavigateCMS version 2.9.4 and below, function in templates.php is vulnerable to sql injection on parameter template-properties-order, which results in arbitrary sql query execution in the backend database...
CVE-2021-37473
NavigateCMS 2.9.4 and earlier versions contain an SQL injection in the products-order parameter processed in products.php, allowing arbitrary SQL queries in the backend database. This is documented across multiple sources (e.g., NVD, CNVD/CNNVD) with no public patch/version details provided in th...
CVE-2021-37473
In NavigateCMS version 2.9.4 and below, function in product.php is vulnerable to sql injection on parameter products-order through a post request, which results in arbitrary sql query execution in the backend database...
CVE-2020-23711
SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET input category in navigate.php...
CVE-2020-23711
SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET input category in navigate.php...
Sql injection
SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET input category in navigate.php...
CVE-2020-23711
SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET input category in navigate.php...
CVE-2020-23711
NavigateCMS 2.9 is affected by CVE-2020-23711 due to a SQL injection in navigate.php: the URL GET input category is injectable. Documented risk is high (CVSS3.1 base 9.8, CRITICAL) with network access and no user interaction required. Exploitation details are not provided in the connected sources...
CVE-2020-23654
NavigateCMS 2.9 is affected by Cross Site Scripting XSS via the module "Shop."...
CVE-2020-23655
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...
CVE-2020-23657
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...
CVE-2020-23656
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Content."...
CVE-2020-23656
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Content."...
CVE-2020-23657
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...
Cross site scripting
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Content."...
Cross site scripting
NavigateCMS 2.9 is affected by Cross Site Scripting XSS via the module "Shop."...
Cross site scripting
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...
Cross site scripting
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...
CVE-2020-23657
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...
CVE-2020-23656
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Content."...