13 matches found
CVE-2025-67501
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain an SQL Injection vulnerability in the /html/matPat/editar_categoria.php endpoint. The application fails to properly validate and sanitize user inputs in the id_categoria...
CVE-2025-67501 WeGIA is vulnerable to SQL Injection via editar_categoria endpoint parameter
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain an SQL Injection vulnerability in the /html/matPat/editar_categoria.php endpoint. The application fails to properly validate and sanitize user inputs in the id_categoria...
CVE-2025-67501 WeGIA is vulnerable to SQL Injection via editar_categoria endpoint parameter
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain an SQL Injection vulnerability in the /html/matPat/editar_categoria.php endpoint. The application fails to properly validate and sanitize user inputs in the id_categoria...
CVE-2025-67501
Summary: CVE-2025-67501 affects WeGIA, an open source Web Manager for Institutions. Versions 3.5.4 and earlier expose an SQL Injection in the /html/matPat/editar_categoria.php endpoint due to insufficient validation/sanitization of the id_categoria parameter, enabling attacker-supplied SQL payloa...
Quiter Gateway SQL Injection Vulnerability
Quiter Gateway is an API interface from Quiter Spain. A SQL injection vulnerability exists in Quiter Gateway versions prior to 4.7.0, which stems from an SQL injection in the pagina.filter.categoria parameter, which could lead to database manipulation...
PT-2024-22967 · Sportsnet · Sportsnet
Name of the Vulnerable Software and Affected Versions: SportsNET version 4.0.1 Description: The issue concerns SQL injection vulnerabilities that could allow an attacker to retrieve, update, and delete all information in the database by sending a specially crafted SQL query to the API endpoint:...
ifixmac.com.mx XSS vulnerability
Vulnerable URL: http://ifixmac.com.mx/index.php?seccion=buscador=categoria=iPad"'--!...
Joomla! 'com_tienda' Component 'categoria' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37798/info The Joomla! 'comartistavenue' component is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...
Netvidade engine v1.0 Multiple Vulnerabilities
Exploit for php platform in category web applications ============================================== Netvidade engine v1.0 Multiple Vulnerabilities ============================================== !/usr/bin/perl -w use strict; use LWP::UserAgent; use Getopt::Long; use MIME::Base64; '/ -.-...
postrev-rfi.txt
Post Revolution Remote File Inclusion Affected Software .: Post Revolution 6.6 / 7.0 Release Candidate 2 Download..: http://www.fabio.com.ar/postrev/ Risk ..............: high Date .........: 25/3/2007 Found by ..........: InyeXion Contact ...........: InyeXionatgmail.com Web .............:...
Sql injection
SQL injection vulnerability in Rigter Portal System RPS 6.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI index.php, possibly related to verdescarga.php...
CVE-2007-1293
SQL injection vulnerability in Rigter Portal System RPS 6.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI index.php, possibly related to verdescarga.php...
CVE-2007-1293
SQL injection vulnerability in Rigter Portal System RPS 6.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI index.php, possibly related to verdescarga.php...