Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

53 matches found

Vulnrichment
Vulnrichmentadded last week7 views

CVE-2018-25407 eNdonesia Portal 8.7 SQL Injection via mod.php

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS6.2AI score0.0009EPSS
Exploits0References4
Cvelist
Cvelistadded last week28 views

CVE-2018-25407 eNdonesia Portal 8.7 SQL Injection via mod.php

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS0.0009EPSS
Exploits0References4
CVE
CVEadded last week10 views

CVE-2018-25407

CVE-2018-25407 affects eNdonesia Portal 8.7, where multiple SQL injection flaws in mod.php allow unauthenticated attackers to execute arbitrary SQL via parameters such as artid, cid, did, contid, and aboutid across the publisher, diskusi, galeri, content, and about modules. The issue can be used ...

8.8CVSS6.2AI score0.0009EPSS
Exploits0References4
CVE
CVEadded last week11 views

CVE-2018-25406

CVE-2018-25406 affects the eNdonesia Portal 8.7, where multiple SQL injection vulnerabilities allow unauthenticated attackers to run arbitrary SQL queries via mod.php. The attacker can inject SQL through parameters artid, cid, did, contid, and aboutid across modules including publisher, diskusi, ...

8.8CVSS6.2AI score0.0009EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded last week5 views

CVE-2018-25407

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS6.2AI score0.0009EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded last week27 views

CVE-2018-25406 eNdonesia Portal 8.7 SQL Injection via mod.php

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS0.0009EPSS
Exploits0References4
Cvelist
Cvelistadded last week29 views

CVE-2018-25405 eNdonesia Portal 8.7 SQL Injection via mod.php

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters to extract...

8.8CVSS0.0009EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/30 12:0 a.m.6 views

PT-2026-45107

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS6.2AI score0.0009EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/05/30 12:0 a.m.4 views

eNdonesia Portal SQL注入漏洞

eNdonesia Portal is a system platform developed by eNdonesia’s individual developers, offering functions for portal content management and information publishing. Version 8.7 of eNdonesia Portal has a SQL injection vulnerability. This vulnerability arises from injecting malicious code through...

8.8CVSS6.1AI score0.0009EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/30 12:0 a.m.8 views

PT-2026-45105

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters to extract...

8.8CVSS6.1AI score0.0009EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2008-6825

Malware in sbrugna...

7.5CVSS6.4AI score0.0036EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2008-5190

Malware in sbrugna...

7.5CVSS6.4AI score0.00436EPSS
Exploits2References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2005-3304

Malware in sbrugna...

7.5CVSS6.4AI score0.03489EPSS
Exploits0References13
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2006-2818

Malware in sbrugna...

6.8CVSS6.4AI score0.00416EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2010-3459

Malware in sbrugna...

7.5CVSS6.4AI score0.00103EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2008-6688

Malware in sbrugna...

7.5CVSS6.4AI score0.0036EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/05/22 7:24 p.m.3 views

CVE-2021-24957

The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvcresetcountart AJAX action, available to any authenticated user, leading to a SQL injection...

8.8CVSS7AI score0.00703EPSS
Exploits2References1
OSV
OSVadded 2022/04/25 4:16 p.m.1 views

CVE-2021-24957

The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvcresetcountart AJAX action, available to any authenticated user, leading to a SQL injection...

8.8CVSS5.8AI score
Exploits0References1
Prion
Prionadded 2022/04/25 4:16 p.m.8 views

Sql injection

The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvcresetcountart AJAX action, available to any authenticated user, leading to a SQL injection...

6.5CVSS8.8AI score0.00703EPSS
Exploits2References1Affected Software1
exploitpack
exploitpackadded 2018/10/22 12:0 a.m.18 views

eNdonesia Portal 8.7 - artid SQL Injection

eNdonesia Portal 8.7 - artid SQL Injection Exploit Title: eNdonesia Portal 8.7 - 'artid' SQL Injection Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.endonesia.org/ Software Link: https://sourceforge.net/projects/endonesia/files/latest/download Version: 8.7...

0.9AI score
Exploits0
Rows per page
Query Builder