179 matches found
CVE-2022-27412
Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request...
Sql injection
Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request...
CVE-2022-27412
Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request...
Cross site scripting
The Custom Post Type Relations WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the cptrname parameter found in the /pages/admin-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...
CVE-2021-34654 Custom Post Type Relations <= 1.0 Reflected Cross-Site Scripting
The Custom Post Type Relations WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the cptrname parameter found in the /pages/admin-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...
CVE-2020-18445
Cross Site Scripting XSS vulnerability exists in YUNUCMS 1.1.9 via the upurl function in Page.php...
CVE-2020-18445
Cross Site Scripting XSS vulnerability exists in YUNUCMS 1.1.9 via the upurl function in Page.php...
Cross site scripting
Cross Site Scripting XSS vulnerability exists in YUNUCMS 1.1.9 via the upurl function in Page.php...
CVE-2020-18445
Cross Site Scripting XSS vulnerability exists in YUNUCMS 1.1.9 via the upurl function in Page.php...
CVE-2020-19888
DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at line 175 of dbhcms\page.php for empty cache operation. This vulnerability can be exploited to empty a table...
CVE-2020-19879
DBHcms v1.2.0 has a stored xss vulnerability as there is no security filter of $GET'dbhcmspid' variable in dbhcms\page.php line 107,...
CVE-2019-17599
The quiz-master-next aka Quiz And Survey Master plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting XSS. The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter and/or the quizid parameter. The component is:...
CVE-2019-17599
The CVE-2019-17599 entry affects the WordPress plugin Quiz Master Next (Quiz And Survey Master) up to version 6.3.5. The vulnerability is a reflected XSS in the admin/quiz-options-page.php component that can be triggered via parameters such as from, till, or quiz_id when an administrator clicks a...
CVE-2019-17072
The new-contact-form-widget aka Contact Form Widget - Contact Query, Form Maker plugin 1.0.9 for WordPress has SQL Injection via all-query-page.php...
CVE-2018-1000638
MiniCMS version 1.1 contains a Cross Site Scripting XSS vulnerability in http://example.org/mc-admin/page.php?date=payload that can result in code injection...
CVE-2018-1000638
MiniCMS version 1.1 contains a Cross Site Scripting XSS vulnerability in http://example.org/mc-admin/page.php?date=payload that can result in code injection...
ninalieven.net XSS vulnerability
Open Bug Bounty ID: OBB-613651 Description| Value ---|--- Affected Website:| ninalieven.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
fertigreen.nl XSS vulnerability
Open Bug Bounty ID: OBB-605979 Description| Value ---|--- Affected Website:| fertigreen.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Sql injection
SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter...
CVE-2018-6576
SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter...