EUVD-2019-20020

Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code using XOR-based payloads in GET requests to portalLogin.php to extract sensitive database information...

EUVD-2026-12783

The Writeprint Stylometry plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'p' GET parameter in all versions up to and including 0.1. This is due to insufficient input sanitization and output escaping in the bjlwprintstylocommentsnav function. The function directly...

CVE-2026-3512 Writeprint Stylometry <= 0.1 - Reflected Cross-Site Scripting via 'p' Parameter

The Writeprint Stylometry plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'p' GET parameter in all versions up to and including 0.1. This is due to insufficient input sanitization and output escaping in the bjlwprintstylocommentsnav function. The function directly...

CVE-2026-3512 Writeprint Stylometry <= 0.1 - Reflected Cross-Site Scripting via 'p' Parameter

The Writeprint Stylometry plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'p' GET parameter in all versions up to and including 0.1. This is due to insufficient input sanitization and output escaping in the bjlwprintstylocommentsnav function. The function directly...

CVE-2019-25509

XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information...

CVE-2025-41080

A stored Cross-Site Scripting XSS vulnerability has been found in Seafile v12.0.10. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with POST parámetro 'p' in '/api/v2.1/repos/repoid/file/'...

EUVD-2025-201154

A stored Cross-Site Scripting XSS vulnerability has been found in Seafile v12.0.10. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with POST parámetro 'p' in '/api/v2.1/repos/repoid/file/'...

PT-2025-49018

Name of the Vulnerable Software and Affected Versions Seafile version 12.0.10 Description A stored Cross-Site Scripting XSS issue exists in Seafile. This allows an attacker to execute arbitrary code in a victim’s browser. The issue is caused by storing malicious payloads with the POST parameter p...

PYSEC-2025-198

In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistancep=2 produces incorrect results...

PYSEC-2025-198

In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistancep=2 produces incorrect results...

CVE-2025-9692

A vulnerability was found in Campcodes Online Shopping System 1.0. Affected is an unknown function of the file /product.php. Performing manipulation of the argument p results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used...

CVE-2025-9692

CVE-2025-9692 affects Campcodes Online Shopping System 1.0. The vulnerability is an SQL injection in /product.php via the p parameter. The attack can be performed remotely, and public exploit details exist. No patch/version fix information is provided in the supplied documents; remediation status...

CVE-2025-9692 Campcodes Online Shopping System product.php sql injection

A vulnerability was found in Campcodes Online Shopping System 1.0. Affected is an unknown function of the file /product.php. Performing manipulation of the argument p results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used...

CVE-2011-10009

S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary files outside the web root. This can be exploited remotely without authentication by appending...

S40 CMS 安全漏洞

S40 CMS is a content management system by Osirys Personal Developers. A security vulnerability exists in S40 CMS version 0.4.2, which stems from improper cleaning of the parameter p in the index.php page handler, which could lead to a path traversal attack...

CVE-2024-49505

Summary: CVE-2024-49505 is a reflected-cross-site scripting (XSS) vulnerability in openSUSE Tumbleweed MirrorCache. The issue arises from improper input neutralization in the web page generation process, specifically affecting the REGEX and P parameters. Affected versions are MirrorCache before 1...

PT-2024-16645 · Ibphoenix · Ibphoenix Ibwebadmin

Name of the Vulnerable Software and Affected Versions: IBPhoenix ibWebAdmin versions up to 1.0.2 Description: A problem was found in the Tabelas Section, specifically in the file /toggle fold panel.php, where the manipulation of the argument p leads to cross-site scripting. This issue can be...

PT-2024-36018 · Winnmp · Winnmp

Name of the Vulnerable Software and Affected Versions: WinNMP version 19.02 Description: A vulnerability has been discovered that allows for an XSS attack via the /tools/redis.php page, specifically in the k, hash, key, and p parameters. This could enable a remote user to submit a specially craft...

Open redirect

Open redirect via parameter ‘p’ in login.php in Centreon 19.04.4 and below allows an attacker to craft a payload and execute unintended behavior...

Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-18324)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflective cross-site scripting vulnerability exists in admin/edit-category.php in Chadha PHPKB Standard Multi-Language version 9...