Lucene search
K

8 matches found

Vulnrichment
Vulnrichment
added 2026/06/15 12:0 p.m.8 views

CVE-2016-20072 BBS e-Franchise 1.1.1 WordPress Plugin SQL Injection via uid

BBS e-Franchise 1.1.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the uid parameter. Attackers can craft requests to pages using the plugin's shortcode with UNION-based SQL...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/15 12:0 p.m.9 views

EUVD-2016-10884

BBS e-Franchise 1.1.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the uid parameter. Attackers can craft requests to pages using the plugin's shortcode with UNION-based SQL...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 12:0 p.m.22 views

CVE-2016-20072

CVE-2016-20072 affects the BBS e-Franchise 1.1.1 WordPress plugin. The vulnerability is an SQL injection in the uid parameter used by the plugin’s shortcode, enabling unauthenticated attackers to craft requests (Union-based SQLi) to extract sensitive data (e.g., user information, taxonomy terms)....

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49210

BBS e-Franchise 1.1.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the uid parameter. Attackers can craft requests to pages using the plugin's shortcode with UNION-based SQL...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References5
WPVulnDB
WPVulnDB
added 2016/11/12 12:0 a.m.7 views

BBS e-Franchise 1.1.1 - Unauthenticated SQL Injection

$GET‘uid’ is not escaped, the URL is accessible for any user. You will have find a post or page that uses the plugin's shortcode. PoC...

7.2AI score
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2016/11/12 12:0 a.m.17 views

WordPress Plugin BBS e-Franchise 1.1.1 - SQL Injection

WordPress Plugin BBS e-Franchise 1.1.1 - SQL Injection Exploit Title: BBS e-Franchise 1.1.1 Plugin of WordPress – Sql Injection Date: 12/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/bbs-e-franchise/ Software Link: https://wordpress.org/plugins/bbs-e-franchise...

8.6AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/12 12:0 a.m.30 views

WordPress Plugin BBS e-Franchise 1.1.1 - SQL Injection

Exploit Title: BBS e-Franchise 1.1.1 Plugin of WordPress – Sql Injection Date: 12/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/bbs-e-franchise/ Software Link: https://wordpress.org/plugins/bbs-e-franchise/ Contact: http://twitter.com/lenonleite Website:...

7AI score
Exploits0
wpexploit
wpexploit
added 2016/11/12 12:0 a.m.12 views

BBS e-Franchise 1.1.1 - Unauthenticated SQL Injection

$GET‘uid’ is not escaped, the URL is accessible for any user. You will have find a post or page that uses the plugin's shortcode...

1AI score
Exploits0References2
Rows per page
Query Builder