Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/03/04 5:15 p.m.5 views

CVE-2019-25503 PHPads 2.0 SQL Injection via click.php3 bannerID

PHPads 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bannerID parameter in click.php3. Attackers can submit crafted bannerID values using SQL comment syntax and functions like extractvalue...

7.1CVSS6.2AI score0.00328EPSS
Exploits1References2
CVE
CVE
added 2026/03/04 5:15 p.m.8 views

CVE-2019-25503

CVE-2019-25503 affects PHPads 2.0. The vulnerability is an SQL injection in the bannerID parameter of click.php3, allowing unauthenticated attackers to craft values (e.g., SQL comments, extractvalue) to execute arbitrary queries and reveal data such as the current database name. The impact is hig...

7.1CVSS6.2AI score0.00328EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/04/03 4:15 a.m.4 views

CVE-2024-31010

SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php...

7.5CVSS5.9AI score0.00791EPSS
Exploits1References1
OSV
OSV
added 2023/03/17 2:15 p.m.2 views

CVE-2023-1471

The WP Popup Banners plugin for WordPress is vulnerable to SQL Injection via the 'bannerid' parameter in versions up to, and including, 1.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

6.5CVSS5.9AI score0.0094EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/17 12:0 a.m.1 views

PT-2023-17009 · WordPress · Wp Popup Banners

Name of the Vulnerable Software and Affected Versions: WP Popup Banners plugin for WordPress versions up to, and including, 1.2.5 Description: The issue allows for SQL Injection via the banner id parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient...

8.8CVSS7AI score0.0094EPSS
Exploits0References7
CNVD
CNVD
added 2017/03/30 12:0 a.m.4 views

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2017-04905)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. Revive Adserver has a cross-site scripting vulnerability. A remote attacker can exploit this vulnerability to...

5.4CVSS5.4AI score0.0152EPSS
Exploits0References1
Rows per page
Query Builder