CVE-2018-17988

LayerBB is affected: versions 1.1.1 and 1.1.3 expose an SQL Injection in the search.phpFile through the search_query parameter. The root cause is an injectable parameter in the search functionality, allowing an attacker to manipulate SQL commands. The CVE entry (CVE-2018-17988) lists this as a hi...

CMSsite 1.0 - search SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: CMSsite 1.0 - 'search' SQL injection Exploit Author : Majid kalantari email protected Vendor Homepage : https://github.com/VictorAlagwu/CMSsite Software link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1...

CVE-2018-19331

An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter...

CVE-2018-19331

An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter...

Cross site scripting

An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter...

CVE-2018-19145

This CVE concerns S-CMS v1.5 and an XSS vulnerability in search.php reachable via the keyword parameter. The issue is triggered through input handling in the search routine, allowing injection of web scripts or HTML. The core information confirms the vulnerability exists in the S-CMS 1.5 componen...

CVE-2018-19145

An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter...

Sql injection

An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie...

Sql injection

An issue was discovered in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid cookie to zs/search.php...

CVE-2018-18785

An issue was discovered in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid cookie to zs/search.php...

CVE-2018-18791

An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie...

Code injection

An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing...

CVE-2018-18083

CVE-2018-18083 affects DuomiCMS 3.0. Affected component: search.php, where the parameter searchword is processed and unsafely uses eval during if processing, enabling remote PHP code execution. This yields high/severe impact (NVD CVSS3: 9.8, CRITICAL; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Exploit...

CVE-2018-18083

An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing...

onlinenigeria.com XSS vulnerability

Open Bug Bounty ID: OBB-678753 Description| Value ---|--- Affected Website:| onlinenigeria.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

newbethelgarner.org XSS vulnerability

Open Bug Bounty ID: OBB-678338 Description| Value ---|--- Affected Website:| newbethelgarner.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

klub31.ru XSS vulnerability

Open Bug Bounty ID: OBB-678050 Description| Value ---|--- Affected Website:| klub31.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

biltmorecofc.org XSS vulnerability

Open Bug Bounty ID: OBB-677190 Description| Value ---|--- Affected Website:| biltmorecofc.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

jspresby.org XSS vulnerability

Open Bug Bounty ID: OBB-675021 Description| Value ---|--- Affected Website:| jspresby.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

backingtrackx.com XSS vulnerability

Open Bug Bounty ID: OBB-673921 Description| Value ---|--- Affected Website:| backingtrackx.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...