Linux Distros Unpatched Vulnerability : CVE-2020-13566

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to...

CVE-2020-10406

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/edit-group.php by adding a question mark ? followed by the payload...

CVE-2020-13566

SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability In admin/editgroup.php, when the POST parameter action is “Delete”, the POST parameter deletegroup leads to a SQL...

CVE-2021-46446

H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=adminaccessgroupedit&aagID...

UBUNTU-CVE-2020-13568

SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability in admin/editgroup.php, when the POST parameter action is “Submit”, the POST parameter parentid leads to a SQL...

UBUNTU-CVE-2020-13566

SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability In admin/editgroup.php, when the POST parameter action is “Delete”, the POST parameter deletegroup leads to a SQL...

phpGACL SQL注入漏洞

phpGACL is an open source PHP class for Web developers to provide a simple but powerful "insert" permission system . For its current Web-based applications to use . Phpgacl version 3.3.7 SQL injection vulnerability , the vulnerability stems from the program admin/edit group.php page SQL injection...

PT-2021-9640 · Phpgacl · Phpgacl

Name of the Vulnerable Software and Affected Versions: phpGACL version 3.3.7 Description: The issue allows for SQL injection through a specially crafted HTTP request. In the file admin/edit group.php, when the POST parameter action is set to “Delete”, the POST parameter delete group can lead to a...

CVE-2020-10406

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/edit-group.php by adding a question mark ? followed by the payload...

PT-2020-12076 · Chadha · Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited in admin/edit-group.php by adding a question mark ? followe...