CVE-2023-3689

A vulnerability classified as critical was found in Bylancer QuickQR 6.3.7. Affected by this vulnerability is an unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack can be launched remotely. The...

Bylancer QuickQR SQL注入漏洞

Bylancer QuickQR is a QR code restaurant menu maker from Bylancer. A SQL injection vulnerability exists in Bylancer QuickQR version 6.3.7, which stems from the presence of an unknown function in the blog in the component GET Parameter Handler, which leads to sql injection via parameter s. The...

Bylancer QuickOrder SQL注入漏洞

Bylancer QuickOrder is a WhatsApp food ordering plugin from Bylancer. A SQL injection vulnerability exists in Bylancer QuickOrder version 6.3.7, which stems from the presence of an unknown function in the blog in the component GET Parameter Handler, which leads to sql injection via parameter s. T...

CVE-2022-27423

Chamilo LMS v1.11.13 was discovered to contain a SQL injection vulnerability via the blogid parameter at /blog/blog.php...

callbackhunter.com XSS vulnerability

Vulnerable URL: http://callbackhunter.com/blog/?lang=ru"...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in views/notify.php in the Uploader plugin 1.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 notify or 2 blog parameter...

CVE-2012-1005

Multiple cross-site scripting XSS vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote attackers to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using 1 Blog/MyFirstBlog.txt or 2 Blog/AboutSomething.txt...

CVE-2006-3827

SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine formerly bMachine 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter...