143 matches found
CVE-2024-31025
SQL Injection vulnerability in ECshop 4.x allows an attacker to obtain sensitive information via the file/article.php component...
CVE-2024-31025
CVE-2024-31025 concerns ECshop 4.x. The vulnerability is a SQL injection in the file/article.php component, allowing an attacker to obtain sensitive information from the backend database. Affected software is ECshop 4.x; the root cause is lack of input validation in the SQL statements executed by...
CVE-2024-31025
SQL Injection vulnerability in ECshop 4.x allows an attacker to obtain sensitive information via the file/article.php component...
CVE-2024-31025
SQL Injection vulnerability in ECshop 4.x allows an attacker to obtain sensitive information via the file/article.php component...
BIT-MEDIAWIKI-2023-45364
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. Deleted revision existence is leaked due to incorrect permissions being checked. This reveals that a given revision ID belonged to the given page title, and its timestam...
CVE-2024-27689
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via /update-article.php...
CVE-2024-27689
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via /update-article.php...
CVE-2024-27689
The vulnerability CVE-2024-27689 affects Stupid Simple CMS v1.2.4 and is a Cross-Site Request Forgery (CSRF) via /update-article.php. CVSSv3.1 base score 8.8 ( HIGH ); attack vector Network, privileges required NONE, user interaction REQUIRED, confidentiality/ integrity/ availability HIGH. Connec...
CVE-2023-41619
Emlog Pro v2.1.14 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/article.php?action=write...
CVE-2023-41618
Emlog Pro v2.1.14 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component /admin/article.php?activesavedraft...
CVE-2023-41618
Emlog Pro v2.1.14 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component /admin/article.php?activesavedraft...
CVE-2023-41618
Emlog Pro v2.1.14 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component /admin/article.php?activesavedraft...
MediaWiki Security Breach
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki, which stems from includes/page/Article.php checking...
CVE-2023-45364
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. Deleted revision existence is leaked due to incorrect permissions being checked. This reveals that a given revision ID belonged to the given page title, and its timestam...
PT-2023-6328 · Mediawiki +2 · Mediawiki +2
Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.36.x through 1.39.x before 1.39.5 MediaWiki versions 1.40.x before 1.40.1 Description: An issue was discovered in includes/page/Article.php. Deleted revision existence is leaked due to incorrect permissions being checked,...
CVE-2023-31946
File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php...
CVE-2022-37111
BlueCMS 1.6 has SQL injection in line 132 of admin/article.php...
Sql injection
BlueCMS 1.6 has SQL injection in line 132 of admin/article.php...
CVE-2022-37111
CVE-2022-37111 concerns BlueCMS 1.6, where a SQL injection vulnerability is present in the file path admin/article.php at line 132. The issue stems from unsafeguarded database queries, enabling an attacker to inject SQL through input handled by that code path. The CVE has a NVD base score of 9.8 ...
CVE-2021-46204
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerability via taocms\include\Model\Article.php...