CVE-2023-5017

A vulnerability was found in lmxcms up to 1.41. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin.php. The manipulation of the argument lid leads to sql injection. VDB-239858 is the identifier assigned to this vulnerability. NOTE: The vendor was...

CVE-2023-1947

A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

CVE-2022-3733

A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. This affects an unknown part of the file Admin/edit-admin.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploi...

CVE-2022-29682

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del...

CVE-2022-29664

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/plsave...

CVE-2022-29660

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del...

CVE-2022-29661

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save...

CVE-2022-28421

Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=posts=display=1=...

CVE-2022-28434

Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions=edit=2...

CVE-2022-24676

updatecode in Admin.php in HYBBS2 through 2.3.2 allows arbitrary file upload via a crafted ZIP archive...

CVE-2020-35346

CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter of admin.php?c=content=add...

CVE-2020-21506

waimai Super Cms 20150505 contains a cross-site scripting XSS vulnerability in the component /admin.php?m=Config=add...

CVE-2020-19547

Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php...

CVE-2020-20363

Crossi Site Scripting XSS vulnerability in PbootCMS 2.0.3 in admin.php...

CVE-2020-19165

PHPSHE 1.7 has SQL injection via the admin.php?mod=userid=1 userlevelid parameter...

CVE-2020-21003

Pbootcms v2.0.3 is vulnerable to Cross Site Scripting XSS via admin.php...

CVE-2020-21564

An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files...

CVE-2020-21505

waimai Super Cms 20150505 contains a cross-site scripting XSS vulnerability in the component /admin.php/Link/addsave...

CVE-2012-4279

Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the 1 view parameter to agentdisplay.php or 2 edit parameter to admin/admin.php...

CVE-2019-7587

Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function...