5 matches found
CVE-2019-10852
Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers=startpulling= substring...
WordPress Survey Maker plugin <= 1.5.5 - Authenticated Blind SQL Injection (SQLi) vulnerability
Authenticated Blind SQL Injection SQLi vulnerability discovered by To Quang Duong in WordPress Survey Maker plugin versions = 1.5.5. Solution Update the WordPress Survey Maker plugin to the latest available version at least 1.5.6...
Sql injection
Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=startpulling&id= substring...
rk-responsive-contact-form 1.0 - Authenticated Blind SQL Injection
The rk-responsive-contact-form WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability...
ZM Gallery 1.0 – Authenticated Blind SQL Injection
The plugin is still affected and has been closed. Type user access: admin user. $GET‘order’ is escaped wrong. Attack with Blind Injection PoC python sqlmap.py -u "http://www.example.com/wp-admin/admin.php?page=zmgallery=name=desc" --dbs --cookie="cookie of admin user" --level=5 --dbms=mysql...