Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2026/04/05 12:0 a.m.3 views

News Website Script SQL注入漏洞

News Website Script is a website-building system script from the PHP Scripts Mall community. Version 2.0.5 of News Website Script contains an SQL injection vulnerability. This vulnerability stems from the SQL injection in the news ID parameter, which could allow unverified attackers to manipulate...

8.8CVSS5.9AI score0.00107EPSS
Exploits1References3
NVD
NVDadded 2026/03/30 3:16 p.m.1 views

CVE-2026-30082

Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...

6.1CVSS0.00034EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/03/25 12:0 a.m.1 views

PT-2024-2384 · Phpmyfaq · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions prior to 3.2.6 Description: The issue is related to the manipulation of the news parameter in a POST request, allowing an attacker to inject malicious JavaScript code. Upon browsing to the compromised news page, the XSS...

5.8CVSS6.7AI score0.00157EPSS
Exploits1References15
CNNVD
CNNVDadded 2024/03/25 12:0 a.m.1 views

phpMyFAQ 安全漏洞

phpMyFAQ is a multilingual, fully database-driven Frequently Asked Questions FAQ system by Thorsten Rinne, an individual developer. A security vulnerability exists in phpMyFAQ, which stems from a cross-site scripting vulnerability in the news parameter...

5.4CVSS4.6AI score0.00157EPSS
Exploits1References3
CNNVD
CNNVDadded 2024/01/07 12:0 a.m.2 views

Online Job Portal 跨站脚本漏洞

Online Job Portal is an online job search portal. A cross-site scripting vulnerability exists in Online Job Portal version 1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the parameter News in /Admin/News.php, which can be exploited by an attacker to...

4.8CVSS6.2AI score0.00054EPSS
Exploits1References4
CNVD
CNVDadded 2016/06/12 12:0 a.m.1 views

SQL injection vulnerability in news.htm?id=parameter of distance learning platform of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is centered on real-time interactive online classroom, combining powerful functions such as courseware on demand, course transaction, online payment and online examination to build a perfect online knowledge transaction platform for students and...

7.8AI score
Exploits0References1
Prion
Prionadded 2010/06/18 8:30 p.m.13 views

Sql injection

SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter...

7.5CVSS9.1AI score0.00317EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2008/11/10 2:12 p.m.10 views

CVE-2008-5000

SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the newsid parameter...

6.8CVSS8.3AI score0.00485EPSS
Exploits0References4
Rows per page
Query Builder