248 matches found
PT-2024-16688 · Unknown · 1000 Projects Bookstore Management System
Name of the Vulnerable Software and Affected Versions: 1000 Projects Bookstore Management System version 1.0 Description: A critical issue has been identified in the 1000 Projects Bookstore Management System, affecting an unknown part of the file /admin/process category edit.php. The manipulation...
CVE-2021-36503
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...
CVE-2021-36503
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...
Sql injection
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...
native-php-cms SQL注入漏洞
native-php-cms is a website builder for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which is caused by SQL injection and can be exploited by an attacker to run arbitrary SQL commands via the cat parameter in the /list.php file...
CVE-2021-36503
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...
CVE-2018-12626
An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter...
Classified Ads CMS Quickad SQL Injection Vulnerability
Classified Ads CMS Quickad is a set of PHP based advertising website scripts. A SQL injection vulnerability exists in Classified Ads CMS Quickad version 4.0. A remote attacker can exploit this vulnerability by sending the 'keywords', 'placeid', 'cat', or 'subcat' parameters to the listing URI to...
Sql injection
SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI...
PHP CityPortal SQL Injection Vulnerability
PHP CityPortal is a corporate website building system developed by PhpCityPortal team in India. A SQL injection vulnerability exists in PHP CityPortal version 2.0. A remote attacker can exploit this vulnerability to inject SQL commands with the help of 'nid' or 'cat' parameter...
Sql injection
PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...
CVE-2017-15970
PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...
CVE-2017-15970
PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...
Maian Greetings 2.1 - cat SQL Injection
Maian Greetings 2.1 - cat SQL Injection Exploit Title: Maian Greetings v2.1 - SQL Injection Google Dork: N/A Date: 04.04.2017 Vendor Homepage: http://www.maiansoftware.com/ Software: http://www.maiangreetings.com/?dl=yes Demo: http://www.maiansoftware.com/demos/greetings/ Version: 2.1 Tested on:...
Soccer Bet Component 'cat' Parameter SQL Injection Vulnerability in Joomla!
Joomla! is a globally recognized content management system. Soccer Bet is a functional plugin based on Joomla! A SQL injection vulnerability exists in the 'cat' parameter of the Soccer Bet component of Joomla! that can be exploited by attackers to access or modify database data...
CVE-2017-5609
SQL injection vulnerability in include/functionsentries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter...
CVE-2017-5609
SQL injection vulnerability in include/functionsentries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter...
Joomla extension DT Register SQL Injection Vulnerability
Joomla! DT Register is an online registration system. A SQL injection vulnerability exists in the cat0 parameter of the index.php page in Joomla! DT Register 3.1.12 and prior versions, which stems from the program's failure to adequately filter user-submitted input, and which can be exploited by ...
Joomla! Component DT Register - 'cat' SQL Injection
Title: SQL injection in Joomla extension DT Register Credit: Elar Lang / https://security.elarlang.eu Vulnerability: SQL injection Vulnerable version: before 3.1.12 Joomla 3.x / 2.8.18 Joomla 2.5 CVE: pending Full Disclosure URL:...
CVE-2015-2678
Multiple cross-site scripting XSS vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter in the categories page to gxadmin/index.php or 2 page parameter to index.php...