12 matches found
PT-2026-48782
Name of the Vulnerable Software and Affected Versions Beardev JoomSport versions prior to 5.7.7 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection, a technique used to extract information from a database by asking true or false questions...
EUVD-2024-40244
Malicious code in bioql PyPI...
EUVD-2024-40813
Malicious code in bioql PyPI...
CVE-2024-44031
Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.6.3...
CVE-2024-44031
Missing Authorization vulnerability in beardev JoomSport joomsport-sports-league-results-management.This issue affects JoomSport: from n/a through = 5.6.3...
CVE-2024-43355
Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.3.0...
CVE-2024-43355
CVE-2024-43355 is a Missing Authorization vulnerability in the WordPress plugin JoomSport (BearDev) for Sports: Team & League. Affects JoomSport versions up to and including 5.3.0; root cause is misconfigured Access Control Security Levels, enabling unauthorized access. CVSSv3.1 base score 8.8 (N...
CVE-2024-44031
CVE-2024-44031 corresponds to a WordPress JoomSport plugin vulnerability (versions
CVE-2024-44031 WordPress JoomSport plugin <= 5.6.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in beardev JoomSport joomsport-sports-league-results-management.This issue affects JoomSport: from n/a through = 5.6.3...
CVE-2019-14348
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsportseason/new-yorkers/?action=playerlist sid parameter...
Sql injection
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsportseason/new-yorkers/?action=playerlist sid parameter...
CVE-2019-14348
CVE-2019-14348 affects BearDev JoomSport WordPress plugin 3.3. The vulnerability is a SQL injection in the joomsport_season/new-yorkers/?action=playerlist sid parameter, allowing an attacker to steal, modify, or delete database information. Affected product/version: WordPress JoomSport plugin 3.3 (