Lucene search
K

248 matches found

Positive Technologies
Positive Technologies
added 2024/11/07 12:0 a.m.4 views

PT-2024-16688 · Unknown · 1000 Projects Bookstore Management System

Name of the Vulnerable Software and Affected Versions: 1000 Projects Bookstore Management System version 1.0 Description: A critical issue has been identified in the 1000 Projects Bookstore Management System, affecting an unknown part of the file /admin/process category edit.php. The manipulation...

9.8CVSS7.8AI score0.00668EPSS
Exploits1References11
OSV
OSV
added 2023/02/03 6:15 p.m.4 views

CVE-2021-36503

SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...

9.8CVSS6AI score0.00855EPSS
Exploits1References1
NVD
NVD
added 2023/02/03 6:15 p.m.10 views

CVE-2021-36503

SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...

9.8CVSS9.8AI score0.00855EPSS
Exploits1References1
Prion
Prion
added 2023/02/03 6:15 p.m.21 views

Sql injection

SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...

7.5CVSS9.7AI score0.00855EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/02/03 12:0 a.m.7 views

native-php-cms SQL注入漏洞

native-php-cms is a website builder for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which is caused by SQL injection and can be exploited by an attacker to run arbitrary SQL commands via the cat parameter in the /list.php file...

9.8CVSS8.8AI score0.00855EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/02/03 12:0 a.m.43 views

CVE-2021-36503

SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...

10AI score0.00855EPSS
Exploits1References1
NVD
NVD
added 2019/07/10 12:15 p.m.17 views

CVE-2018-12626

An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter...

6.1CVSS6AI score0.00905EPSS
Exploits0References2
CNVD
CNVD
added 2018/01/26 12:0 a.m.3 views

Classified Ads CMS Quickad SQL Injection Vulnerability

Classified Ads CMS Quickad is a set of PHP based advertising website scripts. A SQL injection vulnerability exists in Classified Ads CMS Quickad version 4.0. A remote attacker can exploit this vulnerability by sending the 'keywords', 'placeid', 'cat', or 'subcat' parameters to the listing URI to...

9.8CVSS8.1AI score0.1915EPSS
Exploits5References1
Prion
Prion
added 2018/01/24 10:29 a.m.14 views

Sql injection

SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI...

7.5CVSS9.8AI score0.1915EPSS
Exploits5References1Affected Software1
CNVD
CNVD
added 2017/11/03 12:0 a.m.2 views

PHP CityPortal SQL Injection Vulnerability

PHP CityPortal is a corporate website building system developed by PhpCityPortal team in India. A SQL injection vulnerability exists in PHP CityPortal version 2.0. A remote attacker can exploit this vulnerability to inject SQL commands with the help of 'nid' or 'cat' parameter...

9.8CVSS8.2AI score0.02204EPSS
Exploits4References1
Prion
Prion
added 2017/10/29 6:29 a.m.16 views

Sql injection

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...

7.5CVSS9.8AI score0.02204EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2017/10/29 6:29 a.m.5 views

CVE-2017-15970

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...

9.8CVSS5.8AI score0.02204EPSS
Exploits4References2
Cvelist
Cvelist
added 2017/10/29 6:0 a.m.15 views

CVE-2017-15970

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...

9.9AI score0.02204EPSS
Exploits4References2
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.10 views

Maian Greetings 2.1 - cat SQL Injection

Maian Greetings 2.1 - cat SQL Injection Exploit Title: Maian Greetings v2.1 - SQL Injection Google Dork: N/A Date: 04.04.2017 Vendor Homepage: http://www.maiansoftware.com/ Software: http://www.maiangreetings.com/?dl=yes Demo: http://www.maiansoftware.com/demos/greetings/ Version: 2.1 Tested on:...

0.3AI score
Exploits0
CNVD
CNVD
added 2017/02/13 12:0 a.m.2 views

Soccer Bet Component 'cat' Parameter SQL Injection Vulnerability in Joomla!

Joomla! is a globally recognized content management system. Soccer Bet is a functional plugin based on Joomla! A SQL injection vulnerability exists in the 'cat' parameter of the Soccer Bet component of Joomla! that can be exploited by attackers to access or modify database data...

8AI score
Exploits0References1
OSV
OSV
added 2017/01/28 6:59 p.m.14 views

CVE-2017-5609

SQL injection vulnerability in include/functionsentries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter...

8.8CVSS8.2AI score
Exploits0References3
NVD
NVD
added 2017/01/28 6:59 p.m.12 views

CVE-2017-5609

SQL injection vulnerability in include/functionsentries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter...

8.8CVSS8.9AI score0.01619EPSS
Exploits0References3
CNVD
CNVD
added 2016/12/14 12:0 a.m.5 views

Joomla extension DT Register SQL Injection Vulnerability

Joomla! DT Register is an online registration system. A SQL injection vulnerability exists in the cat0 parameter of the index.php page in Joomla! DT Register 3.1.12 and prior versions, which stems from the program's failure to adequately filter user-submitted input, and which can be exploited by ...

8AI score
Exploits0References1
Exploit DB
Exploit DB
added 2016/12/13 12:0 a.m.52 views

Joomla! Component DT Register - 'cat' SQL Injection

Title: SQL injection in Joomla extension DT Register Credit: Elar Lang / https://security.elarlang.eu Vulnerability: SQL injection Vulnerable version: before 3.1.12 Joomla 3.x / 2.8.18 Joomla 2.5 CVE: pending Full Disclosure URL:...

7.4AI score
Exploits0
NVD
NVD
added 2015/03/23 4:59 p.m.17 views

CVE-2015-2678

Multiple cross-site scripting XSS vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter in the categories page to gxadmin/index.php or 2 page parameter to index.php...

4.3CVSS5.8AI score0.05358EPSS
Exploits2References8
Rows per page
Query Builder