1599 matches found
CVE-2022-29687
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/leveldel...
CVE-2022-29667
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/pagedel...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/news/save...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/plsave...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save...
CVE-2022-29686
CVE-2022-29686 affects CSCMS Music Portal System v4.2 and is due to a blind SQL injection in the id parameter of the endpoint /admin.php/singer/admin/lists/zhuan. The connected sources consistently describe a SQLi vulnerability that can expose or alter data in the backend; no exploitation details...
CVE-2022-29667
CVE-2022-29667 affects CSCMS Music Portal System v4.2 and involves a SQL injection vulnerability in the path /admin.php/pic/admin/pic/hy, exploitable by restoring deleted photos. Root cause: lack of input validation on the id parameter leading to SQL command execution. Impact is reported as data ...
CVE-2022-29665
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save...
CVE-2022-29661
CVE-2022-29661 affects CSCMS Music Portal System v4.2. It has a blind SQL injection in the id parameter of /admin.php/pic/admin/type/save due to lack of input validation, enabling an attacker to execute SQL statements and potentially exfiltrate data. Root cause: unsanitized id parameter. Impact a...
CVE-2021-40317
Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter...
CVE-2021-40317
Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter...
Sql injection
Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter...
CVE-2021-40317
Piwigo 11.5.0 is affected by a SQL injection via admin.php and the id parameter. Root cause: lack of input validation in the vulnerable query. Impact: potential to execute arbitrary SQL, exposing database data. CVSS data from NVD indicates severity up to HIGH (3.1) / 8.8, with network attack vect...