780 matches found
CVE-2017-17607
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail...
SQL injection
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari...
SQL injection
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail...
SQL injection
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI...
CVE-2017-17572
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari...
CVE-2017-17607
CMS Auditor Website 1.0 is affected by an SQL injection vulnerability reachable via PATH_INFO to /news-detail. The CVE entry notes an SQLi impact affecting confidentiality, integrity, and availability with high/severe severities (CVSS v2 base 7.5 HIGH; CVSS v3 base 9.8 CRITICAL). The vulnerabilit...
CVE-2017-17621
CVE-2017-17621 affects the Multivendor Penny Auction Clone Script 1.0. The connected sources document a SQL Injection vulnerability that can be triggered via PATH_INFO to the /detail URI, allowing an attacker to inject SQL commands remotely (no authentication required per the CVE data). Several r...
CVE-2017-17607
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail...
CVE-2017-17621
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI...
CVE-2017-16785
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php...
Cross-site scripting
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php...
CVE-2017-16785
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php...
CVE-2017-16785
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php...
CVE-2017-16785
CVE-2017-16785 affects Cacti 1.1.27 and is a reflected XSS via PATH_INFO to host.php. Connected advisories show multiple vendors/OSes reporting the issue as part of a 1.1.28 fix set. Impact per Arch Linux advisory: for remote authenticated admins there is cross-site scripting risk; updates fix t...
CVE-2017-16785
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php...
CVE-2017-16785
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php...
SQL injection
Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576...
SQL injection
Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI...
SQL injection
PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or videocatalog/category...
CVE-2017-15964
Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI...