13 matches found
CVE-2025-67501
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain an SQL Injection vulnerability in the /html/matPat/editarcategoria.php endpoint. The application fails to properly validate and sanitize user inputs in the idcategoria...
CVE-2025-67501 WeGIA is vulnerable to SQL Injection via editar_categoria endpoint parameter
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain an SQL Injection vulnerability in the /html/matPat/editarcategoria.php endpoint. The application fails to properly validate and sanitize user inputs in the idcategoria...
CVE-2025-67501
Summary: CVE-2025-67501 affects WeGIA, an open source Web Manager for Institutions. Versions 3.5.4 and earlier expose an SQL Injection in the /html/matPat/editar_categoria.php endpoint due to insufficient validation/sanitization of the id_categoria parameter, enabling attacker-supplied SQL payloa...
CVE-2025-67501 WeGIA is vulnerable to SQL Injection via editar_categoria endpoint parameter
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain an SQL Injection vulnerability in the /html/matPat/editarcategoria.php endpoint. The application fails to properly validate and sanitize user inputs in the idcategoria...
Quiter Gateway SQL注入漏洞
Quiter Gateway is an API interface from Quiter Spain. A SQL injection vulnerability exists in Quiter Gateway versions prior to 4.7.0, which stems from an SQL injection in the pagina.filter.categoria parameter, which could lead to database manipulation...
PT-2024-22967 · Sportsnet · Sportsnet
Name of the Vulnerable Software and Affected Versions: SportsNET version 4.0.1 Description: The issue concerns SQL injection vulnerabilities that could allow an attacker to retrieve, update, and delete all information in the database by sending a specially crafted SQL query to the API endpoint:...
ifixmac.com.mx XSS vulnerability
Vulnerable URL: http://ifixmac.com.mx/index.php?seccion=buscador=categoria=iPad"'--!...
Joomla! 'com_tienda' Component 'categoria' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37798/info The Joomla! 'comartistavenue' component is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...
Netvidade engine v1.0 Multiple Vulnerabilities
Exploit for php platform in category web applications ============================================== Netvidade engine v1.0 Multiple Vulnerabilities ============================================== !/usr/bin/perl -w use strict; use LWP::UserAgent; use Getopt::Long; use MIME::Base64; '/ -.-...
postrev-rfi.txt
Post Revolution Remote File Inclusion Affected Software .: Post Revolution 6.6 / 7.0 Release Candidate 2 Download..: http://www.fabio.com.ar/postrev/ Risk ..............: high Date .........: 25/3/2007 Found by ..........: InyeXion Contact ...........: InyeXionatgmail.com Web .............:...
CVE-2007-1293
SQL injection vulnerability in Rigter Portal System RPS 6.2, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI index.php, possibly related to verdescarga.php...
Sql injection
SQL injection vulnerability in Rigter Portal System RPS 6.2, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI index.php, possibly related to verdescarga.php...
CVE-2007-1293
SQL injection vulnerability in Rigter Portal System RPS 6.2, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI index.php, possibly related to verdescarga.php...