PT-2024-17203 · WordPress · Wp Job Portal

Name of the Vulnerable Software and Affected Versions: WP Job Portal plugin for WordPress versions up to, and including, 2.2.2 Description: The issue is related to SQL Injection via the page id parameter of the wpjobportal deactivate function due to insufficient escaping on the user-supplied...

WordPress plugin WP Job Portal SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

LumisXP Security Vulnerability

LumisXP is a cloud-based digital experience software from Lumis Inc. It helps users gain insight into various website, blog and landing page metrics on a unified platform. A security vulnerability exists in LumisXP versions v15.0.x through v16.1.x. An attacker can exploit the vulnerability to...

RuvarOA 安全漏洞

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the PageID parameter in the /WebUtility/SearchCondiction.aspx file against external SQL input. An attacker can exploit this...

CVE-2023-31940

SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the pageid parameter at articleedit.php...

Online Travel Agency System SQL注入漏洞

Online Travel Agency System is an online travel agency system. A SQL injection vulnerability exists in Online Travel Agency System v1.0, which originates from a lack of validation of the articleedit.php parameter pageid against an externally-entered SQL statement. An attacker can exploit this...

PT-2023-23538 · Unknown · Online Travel Agency System

Name of the Vulnerable Software and Affected Versions: Online Travel Agency System version 1.0 Description: A SQL injection issue allows a remote attacker to execute arbitrary code via the page id parameter at the "article edit.php" endpoint. This enables the attacker to potentially access and...

SQL Injection Vulnerability in xycms edit_book.php Page id Parameter

XYCMS was formerly known as Nanjing XYCMS Enterprise Building System. After XYCMS editbook.php page id parameter exists SQL injection vulnerability, attackers can exploit the vulnerability to obtain database sensitive information...

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2017-04905)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. Revive Adserver has a cross-site scripting vulnerability. A remote attacker can exploit this vulnerability to...

Joomla! com_enmasse Component SQL Injection Vulnerability

Joomla! is an open source content management system CMS. The system provides RSS feeds , site search and other functions . A SQL injection vulnerability exists in the term?tmpl page id parameter of the Joomla!comenmasse component, which can be exploited by an attacker to compromise the applicatio...

CVE-2008-2789

SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbitrary SQL commands via the pageid parameter...