1672 matches found

OSV
added 2022/07/07 9:15 p.m. | 0 views

CVE-2021-35283

SQL Injection vulnerability in productadmin.php in atoms183 CMS 1.0, allows attackers to execute arbitrary commands via the Name, Fname, and ID parameters to search.php...

9.8 CVSS | 6.1 AI score | 0.0071 EPSS
Exploits: 1 | References: 1

Prion
added 2022/07/07 9:15 p.m. | 11 views

SQL injection

SQL Injection vulnerability in productadmin.php in atoms183 CMS 1.0, allows attackers to execute arbitrary commands via the Name, Fname, and ID parameters to search.php...

7.5 CVSS | 9.9 AI score | 0.0071 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2022/07/07 7:7 p.m. | 12 views

CVE-2021-35283

SQL Injection vulnerability in productadmin.php in atoms183 CMS 1.0, allows attackers to execute arbitrary commands via the Name, Fname, and ID parameters to search.php...

10 AI score | 0.0071 EPSS
Exploits: 1 | References: 1

GithubExploit
added 2022/01/22 1:35 p.m. | 1466 views

Exploit for SQL Injection in Phpipam

CVE-2022-23046 The original discovery and manual PoC is from...

7.2 CVSS | 7.1 AI score | 0.48978 EPSS
Exploits: 7

Prion
added 2022/01/19 9:15 p.m. | 9 views

Code injection

PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php...

6.5 CVSS | 6.9 AI score | 0.48978 EPSS
Exploits: 7 | References: 3 | Affected Software: 1

NVD
added 2021/11/03 6:15 p.m. | 11 views

CVE-2020-18263

PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. This vulnerability allows attackers to access sensitive database information...

7.5 CVSS | 0.00246 EPSS
Exploits: 1 | References: 1

CVE
added 2021/11/03 5:57 p.m. | 35 views

CVE-2020-18263

CVE-2020-18263 affects PHP-CMS v1.0, with a SQL injection in the search.php component via the search parameter. This allows attackers to access sensitive database information. Root cause: input from the search parameter is not properly sanitized/validated. Impact is exposure of data; no exploitat...

7.5 CVSS | 7.6 AI score | 0.00246 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

NVD
added 2021/10/13 6:15 p.m. | 13 views

CVE-2021-42224

SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php...

9.8 CVSS | 0.00283 EPSS
Exploits: 3 | References: 3

NVD
added 2021/08/24 8:15 p.m. | 7 views

CVE-2020-18913

EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcmsweb/Search.php component via the attrarray parameter. This vulnerability allows attackers to access sensitive database information...

7.5 CVSS | 0.00264 EPSS
Exploits: 1 | References: 1

Prion
added 2021/08/24 8:15 p.m. | 10 views

SQL injection

EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcmsweb/Search.php component via the attrarray parameter. This vulnerability allows attackers to access sensitive database information...

5 CVSS | 7.6 AI score | 0.00264 EPSS
Exploits: 1 | References: 1

CVE
added 2021/08/23 10:1 p.m. | 39 views

CVE-2021-39599

CVE-2021-39599 affects CXUUCMS 3.1, with multiple XSS vulnerabilities in public/search.php (search parameter) and admin.php (c parameter). The root cause is unsanitized input leading to client-side code execution. Impact is documented as XSS with potential impact on confidentiality/integrity depe...

6.1 CVSS | 6.1 AI score | 0.00201 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/08/23 10:1 p.m. | 14 views

CVE-2021-39599

Multiple Cross Site Scripting (XSS) vulnerabilities exist in CXUUCMS 3.1 in the search and c parameters in (1) public/search.php and in the (2) c parameter in admin.php...

6.3 AI score | 0.00201 EPSS
Exploits: 1 | References: 1

NVD
added 2021/07/22 7:15 p.m. | 8 views

CVE-2021-26224

Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php...

6.1 CVSS | 0.00222 EPSS
Exploits: 1 | References: 1

Prion
added 2021/07/22 7:15 p.m. | 8 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php...

4.3 CVSS | 6 AI score | 0.00222 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/07/22 6:40 p.m. | 9 views

CVE-2021-26224

Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php...

6.2 AI score | 0.00222 EPSS
Exploits: 1 | References: 1

CVE
added 2021/07/22 6:40 p.m. | 48 views

CVE-2021-26224

CVE-2021-26224: A cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS v1.0 allows remote attackers to inject arbitrary web script or HTML via the search field (search.php). The connected references confirm the affected product/version and the input vector, but no detail...

6.1 CVSS | 6 AI score | 0.00222 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

CNNVD
added 2021/07/22 12:0 a.m. | 1 views

SourceCodester Fantastic-Blog-CMS cross-site scripting vulnerability

SourceCodester Fantastic-Blog-CMS is a blogging system application. Version 1.0 of SourceCodester Fantastic-Blog-CMS contains a security vulnerability that can be exploited by remote attackers to inject arbitrary web script or HTML via the search field of search.php...

6.1 CVSS | 5.9 AI score | 0.00222 EPSS
Exploits: 1 | References: 2

Prion
added 2021/07/01 3:15 p.m. | 10 views

SQL injection

Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...

6.5 CVSS | 9.1 AI score | 0.01718 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2021/07/01 2:38 p.m. | 12 views

CVE-2021-28423

Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php...

9.2 AI score | 0.01718 EPSS
Exploits: 1 | References: 4

OpenVAS
added 2021/05/03 12:0 a.m. | 17 views

PHPFusion < 8.00.90 / 9.x < 9.10.00 XSS/CSRF Vulnerability

PHPFusion is prone to a cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...

6.1 CVSS | 6.3 AI score | 0.00412 EPSS
Exploits: 1 | References: 5