Lucene search
K

6 matches found

EUVD
EUVD
added 2026/04/05 9:30 p.m.6 views

EUVD-2019-20071

News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the news ID parameter. Attackers can send GET requests to index.php/show/news/ with malicious SQL statements to extract sensitive...

8.8CVSS6AI score0.004EPSS
Exploits1References4
NVD
NVD
added 2026/04/05 9:16 p.m.5 views

CVE-2019-25668

News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the news ID parameter. Attackers can send GET requests to index.php/show/news/ with malicious SQL statements to extract sensitive...

8.8CVSS0.004EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/05 8:45 p.m.5 views

CVE-2019-25668

News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the news ID parameter. Attackers can send GET requests to index.php/show/news/ with malicious SQL statements to extract sensitive...

8.8CVSS6AI score0.004EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.10 views

PT-2026-30477

News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the news ID parameter. Attackers can send GET requests to index.php/show/news/ with malicious SQL statements to extract sensitive...

8.8CVSS6AI score0.004EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/10/26 12:0 a.m.6 views

TONGDA Office Anywhere SQL Injection Vulnerability

TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere V11.10 and earlier, v2017, which originates from an unknown function /manage/deletequery.php in the component General News, which causes an SQL injection via the parameter...

9.8CVSS8AI score0.0066EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2005/12/22 12:0 a.m.6 views

PT-2005-5169 · Quantum Art · Quantum Art Qp7.Enterprise

Name of the Vulnerable Software and Affected Versions: Quantum Art QP7.Enterprise affected versions not specified Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the p news id parameter to API endpoints such as "news and events...

7.5CVSS8.6AI score0.01172EPSS
Exploits1References7
Rows per page
Query Builder