EUVD-2022-4338

Malicious code in bioql PyPI...

SQL Injection in Zenario 7.1-7.6

Zenario v7.1 - v7.6 has SQL injection via the Name input field of organizer.php or adminboxes.ajax.php in the Categories - Edit module...

GHSA-8HCM-JJ4X-4GMR reflected XSS in tribalsystems/zenario

Reflected XSS in the "adminboxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to execute arbitrary code by injecting into the "cID" parameter when creating a new HTML component...

Cross site scripting

Cross Site Scripting XSS in the "adminboxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "cID" parameter when creating a new HTML component...

CVE-2021-27673

CVE-2021-27673 is an XSS vulnerability in Tribal Systems Zenario CMS v8.8.52729, specifically in the admin_boxes.ajax.php component. The issue allows remote attackers to execute arbitrary code by injecting HTML into the cID parameter when creating a new HTML component. The core CVE description co...

Sql injection

Zenario v7.1 - v7.6 has SQL injection via the Name input field of organizer.php or adminboxes.ajax.php in the Categories - Edit module...

CVE-2018-5960

CVE-2018-5960 affects Zenario versions 7.1–7.6. The vulnerability is a SQL injection through the Name input field in the Categories - Edit module, specifically in organizer.php or admin_boxes.ajax.php. The attack surface is the affected web UI fields, where user-controlled input can be used to in...

CVE-2018-5960

Zenario v7.1 - v7.6 has SQL injection via the Name input field of organizer.php or adminboxes.ajax.php in the Categories - Edit module...

Zenario CMS 7.6 SQL Injection

Document Title: =============== Zenario v7.6 CMS - SQL Injection Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2043 Release Date: ============= 2018-01-16 Vulnerability Laboratory ID VL-ID: ==================================== 2043...