251 matches found
EUVD-2019-20131
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to category.php with malicious catid values to extract sensitive database information includi...
CVE-2019-25697
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to category.php with malicious catid values to extract sensitive database information includi...
CVE-2019-25697
CMSsite 1.0 contains an SQL injection vulnerability exploitable via the cat_id parameter on category.php. Unauthenticated attackers can inject SQL to manipulate queries and exfiltrate sensitive data, including usernames and credentials. Impact is high for confidentiality and integrity, with succe...
Victor CMS SQL注入漏洞
Victor CMS is an open-source content management system developed by Victor Alagwu in Nigeria. Version 1.0 of Victor CMS has a SQL injection vulnerability, which stems from insufficient input validation for the catid parameter in the category.php file. This vulnerability may lead to SQL injection...
EUVD-2019-19805
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to cat.php with malicious catid values to bypass authentication, extract sensitive data...
CVE-2019-25523 XooGallery Lastest Latest SQL Injection via cat.php
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to cat.php with malicious catid values to bypass authentication, extract sensitive data...
CVE-2019-25523
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to cat.php with malicious catid values to bypass authentication, extract sensitive data...
Xooscripts XooGallery SQL注入漏洞
Xooscripts XooGallery is a gallery management component developed by the Xooscripts company. Xooscripts XooGallery has a SQL injection vulnerability, which stems from the SQL injection vulnerability present in the catid parameter. This vulnerability could allow unverified attackers to manipulate...
📄 glFusion 1.3.0 Blind SQL Injection
A critical blind SQL injection vulnerability exists in glFusion CMS version 1.3.0, affecting the Media Gallery search functionality. The vulnerability allows unauthenticated remote attackers to execute arbitrary SQL commands and potentially compromise the entire database. This issue is older...
CVE-2022-50806 4images 1.9 - Remote Command Execution (RCE)
4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php...
CVE-2022-50806 4images 1.9 - Remote Command Execution (RCE)
4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php...
CVE-2025-14259
A vulnerability was found in Jihai Jshop MiniProgram Mall System 2.9.0. Affected by this issue is some unknown functionality of the file /index.php/api.html. The manipulation of the argument catid results in sql injection. The attack may be launched remotely. The exploit has been made public and...
CVE-2025-14259 Jihai Jshop MiniProgram Mall System api.html sql injection
A vulnerability was found in Jihai Jshop MiniProgram Mall System 2.9.0. Affected by this issue is some unknown functionality of the file /index.php/api.html. The manipulation of the argument catid results in sql injection. The attack may be launched remotely. The exploit has been made public and...
jshop_mall SQL注入漏洞
jshopmall Jshop small program mall is China Jihai technology hnjihai open source an e-commerce system. SQL injection vulnerability exists in jshopmall version 2.9.0, the vulnerability stems from the incorrect operation of the parameter catid in the file /index.php/api.html, which may lead to SQL...
EUVD-2007-4069
Malware in sbrugna...
EUVD-2008-2452
Malware in sbrugna...
EUVD-2008-6743
Malware in sbrugna...
EUVD-2008-4654
Malware in sbrugna...
EUVD-2009-0301
Malware in sbrugna...
EUVD-2007-4053
Malware in sbrugna...