180 matches found
WordPress plugin Email Subscribers by Icegram Express Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in the WordPress plugin...
CVE-2024-3816
Sites managed in S@M CMS Concept Intermedia might be vulnerable to a blind SQL Injection executed using the search bar. Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears...
CVE-2024-5329
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to blind SQL Injection via the ‘dataaddonID’ parameter in all versions up to, and including, 1.5.109 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...
CVE-2024-1990
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to blind SQL Injection via the ‘id’ parameter of the RMForm shortcode in all versions up to, and including, 5.3.1.0 due to insufficient escaping on the user supplied...
CVE-2023-48823
A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login...
CVE-2023-5624
Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to alter parameters that could potentially allow a blindSQL injection...
CVE-2023-45162
Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary code execution. Application of the relevant hotfix remediates this issue. for v8.1.2 apply hotfix Q23166 for v8.4.1 apply hotfix Q23164 for v9.0.1 apply hotfix Q23169 SaaS implementations on v23.7.1...
WordPress plugin Slimstat Analytics SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists i...
PT-2023-16579 · WordPress · Wp Meta Seo
Name of the Vulnerable Software and Affected Versions: WP Meta SEO WordPress plugin versions prior to 4.5.3 Description: The issue is related to a blind SQL Injection vulnerability. It occurs because the plugin does not properly sanitize and escape inputs into SQL queries. This can be exploited b...
DEBIAN-CVE-2023-26034
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are affected by a SQL Injection vulnerability. The blind SQL Injection vulnerability is present within the...
CVE-2022-34972
So Filter Shop v3.x was discovered to contain multiple blind SQL injection vulnerabilities via the attvalueid , manuvalueid , optvalueid , and subcatevalueid parameters at /index.php?route=extension/module/sofiltershopby/filterdata...
CVE-2022-31296
Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/viewpost.php...
CVE-2022-30493
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin accessprivilege escalation...
CVE-2022-29687
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/leveldel...
CVE-2022-29684
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/jsdel...
CVE-2022-29683
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/pagedel...
CVE-2022-29680
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zudel...
CVE-2022-29661
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save...
CVE-2022-29305
imgurl v2.31 was discovered to contain a Blind SQL injection vulnerability via /upload/localhost...
CVE-2022-28105
Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/viewfacility.php...