26 matches found
CVE-2025-15443 CRMEB product_export sql injection
A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/productexport. Such manipulation of the argument cateid leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. T...
EUVD-2026-0778
A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/productexport. Such manipulation of the argument cateid leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. T...
CVE-2025-15442
A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/productlist. This manipulation of the argument cateid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...
CVE-2025-15442
CVE-2025-15442 affects CRMEB up to version 5.6.1. The vulnerability resides in the code path handling the file /adminapi/export/product_list, where manipulation of the argument cate_id leads to a SQL injection. A remote attacker could exploit this (no user interaction required). Public exploit gu...
CRMEB SQL injection vulnerability
CRMEB is an open-source Java mall system from CRMEB. A SQL injection vulnerability exists in CRMEB 5.6.1 and earlier versions; it originates from incorrect handling of the parameter cateid in the file /adminapi/product/productexport, which could lead to a SQL injection attack...
CVE-2025-11288
A security flaw has been discovered in CRMEB up to 5.6. This issue affects some unknown processing of the file /adminapi/product/product of the component GET Parameter Handler. Performing a manipulation of the argument cateid results in sql injection. Remote exploitation of the attack is possible...
EUVD-2019-17106
Malware in sbrugna...
EUVD-2025-32450
A security flaw has been discovered in CRMEB up to 5.6. This issue affects some unknown processing of the file /adminapi/product/product of the component GET Parameter Handler. Performing manipulation of the argument cateid results in sql injection. Remote exploitation of the attack is possible...
CVE-2025-11288 CRMEB GET Parameter product sql injection
A security flaw has been discovered in CRMEB up to 5.6. This issue affects some unknown processing of the file /adminapi/product/product of the component GET Parameter Handler. Performing a manipulation of the argument cateid results in sql injection. Remote exploitation of the attack is possible...
CRMEB security vulnerability
CRMEB is an open-source Java mall system from CRMEB. A security vulnerability exists in CRMEB 5.6 and earlier versions; it stems from incorrect handling of the parameter cateid in the file /adminapi/product/product, which could lead to a SQL injection attack...
CVE-2024-5366
A vulnerability has been found in SourceCodester Best House Rental Management System up to 1.0 and classified as critical. This vulnerability affects unknown code of the file edit-cate.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The explo...
PT-2024-32011 · Unknown · Dingfanzu Cms
Name of the Vulnerable Software and Affected Versions: dingfanzu CMS version 1.0. Description: The issue is related to a Cross-Site Request Forgery (CSRF) that can be exploited via the "/admin/doAdminAction.php?act=addCate" API endpoint. This allows an attacker to perform unauthorized actions on the...
House Rental Management System SQL injection vulnerability
House Rental Management System is a house rental management system by Carlo Montero Personal Developer. SourceCodester Best House Rental Management System 1.0 and prior versions have a SQL injection vulnerability that originates in the parameter id of the file edit-cate.php that can lead to SQL...
PT-2024-35801 · Sourcecodester · Sourcecodester Best House Rental Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System versions up to 1.0. Description: A critical issue has been found in the SourceCodester Best House Rental Management System, affecting the file edit-cate.php. The manipulation of the id argumen...
CVE-2023-5033 OpenRapid RapidCMS cate-edit-run.php sql injection
A vulnerability classified as critical has been found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file /admin/category/cate-edit-run.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...
PT-2023-31531 · Openrapid · Openrapid Rapidcms
Name of the Vulnerable Software and Affected Versions: OpenRapid RapidCMS version 1.3.1. Description: A critical issue has been discovered, affecting the file /admin/category/cate-edit-run.php. The manipulation of the id argument leads to SQL injection, allowing for remote attacks. Recommendations...
CVE-2019-8360
Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find/assets/external/data2.php cate parameter...