3 matches found
Sql injection
internal/advancedcommentsystem/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter...
CVE-2018-18619
CVE-2018-18619 : The vulnerability affects the web app Advanced Comment System 1.0 , in the file internal/advanced_comment_system/admin.php . It is prone to an SQL injection because user-supplied data is not sufficiently sanitized before use in an SQL query, enabling remote attackers to trigger t...
Advanced Comment System 1.0 - Multiple Remote File Inclusions
Advanced Comment System 1.0 - Multiple Remote File Inclusions ====================================================== Advanced comment system1.0 Remote File Inclusion Vulnerability Found by : kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site : www.kurdteam.org...