13 matches found
SQL injection
A vulnerability, which was classified as critical, has been found in S-CMS up to 2.0build20220529-20231006. Affected by this issue is some unknown functionality of the file /member/ad.php?action=ad. The manipulation of the argument Atext/Aurl/Acontact leads to SQL injection. The exploit has been...
CVE-2023-7190 S-CMS SQL injection
A vulnerability, which was classified as critical, has been found in S-CMS up to 2.0build20220529-20231006. Affected by this issue is some unknown functionality of the file /member/ad.php?action=ad. The manipulation of the argument Atext/Aurl/Acontact leads to SQL injection. The exploit has been...
zzcms cross-site scripting vulnerability
ZZCMS is a content management system (CMS) by the Zzcms team in China. A cross-site scripting vulnerability exists in zzcms, which stems from a lack of effective filtering and escaping of modified user actions in ad.php in the software. No details of the vulnerability are available at this time...
zzcms cross-site scripting vulnerability
ZZCMS is a content management system (CMS) by the Zzcms team in China. A cross-site scripting vulnerability exists in zzcms, which stems from a lack of effective filtering and escaping of modified user actions in ad.php in the software. No details of the vulnerability are available at this time...
SQL injection
A SQL Injection issue was discovered in BlueCMS 1.6. The variable $adid is spliced directly in uploads/admin/ad.php in the admin folder, and is not wrapped in single quotes, resulting in injection around the escape of magic quotes...
tinypic.com XSS vulnerability
Vulnerable URL: http://tinypic.com/ad.php?area=='-alert'OPENBUGBOUNTY'-'

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 31.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 3687
VIP website status: | Yes

Check tinypic.com SSL...
phpcms 2008 /ads/include/ads_place.class.php SQL injection vulnerability
Vulnerability location: /ads/include/adsplace.class.php function show$placeid …………............. else $ads = $this-db-getone"SELECT FROM ".DBPRE."ads a, $this-table p WHERE a.placeid=p.placeid AND p.placeid=$placeid AND a.fromdate=UNIXTIMESTAMP AND a.passed=1 AND a.status=1 ORDER BY rand LIMIT 1"; $contents =...
CVE-2008-3025
SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action...
SQL injection
SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action...
CVE-2008-3025
CVE-2008-3025 describes an SQL injection in the PHP file ad.php of the application plx Ad Trader 3.2 . The vulnerability is exploitable through the adid parameter in a redir action, allowing remote attackers to execute arbitrary SQL commands. The associated CVSS v2 vector (AV:N/AC:L/Au:N/C:P/I:P/...
CVE-2008-3025
SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action...
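plx Ad Trader 'ad.php' SQL injection vulnerability
BUGTRAQ ID: 30046 CNCAN ID: CNCAN-2008070302 plx Ad Trader is a PHP-based web application. plx Ad Trader does not properly handle user-submitted input; a remote attacker can exploit the vulnerability to carry out SQL injection attacks and may obtain sensitive information or manipulate the database. The problem is that the 'ad.php' script does not filter user-submitted input to the 'adid' parameter; by constructing a malicious SQL query as the parameter data, the original SQL logic can be changed to obtain sensitive information or manipulate the database. plx Web Studio Ad Trader 3.2 No solution is currently available: http://plxwebdev.com/script/adtrader/...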
Ad Manager Pro 2.6 (ipath) Remote File Include Vulnerability
No description provided by source. Ad Manager Pro 2.6 Remote File Include Vulnerability homepage: phpwebscripts.com Affected files: ad.php and common.php Credit: Basti Vulnerable Code: if ($ipath) include($ipath.'/common.php'); else include('./common.php'); Example:...