22 matches found
EUVD-2010-2032
Malware in sbrugna...
EUVD-2008-1867
Malware in sbrugna...
CVE-2024-42586
A Cross-Site Request Forgery (CSRF) in the component categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges...
CVE-2024-42576
A Cross-Site Request Forgery (CSRF) in the component editcategorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges...
CVE-2024-42582
A Cross-Site Request Forgery (CSRF) in the component deletecategorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges...
Warehouse Inventory System Security Vulnerability
Warehouse Inventory System is a Warehouse Inventory Management System by Siamon Hasan Personal Developer. A cross-site request forgery vulnerability exists in Warehouse Inventory System version v2.0, which stems from a failure of the categorie.php component to adequately validate whether a reques...
PT-2024-30037 · Unknown · Warehouse Inventory System
Name of the Vulnerable Software and Affected Versions: Warehouse Inventory System version 2.0 Description: A Cross-Site Request Forgery (CSRF) issue in the editcategorie.php component allows attackers to escalate privileges. Recommendations: For Warehouse Inventory System version 2.0, consider...
PT-2024-30048 · Unknown · Warehouse Inventory System
Name of the Vulnerable Software and Affected Versions: Warehouse Inventory System version 2.0 Description: A Cross-Site Request Forgery (CSRF) issue in the categorie.php component allows attackers to escalate privileges. Recommendations: For Warehouse Inventory System version 2.0, consider disablin...
Warehouse Inventory System Security Vulnerability
Warehouse Inventory System is a Warehouse Inventory Management System by Siamon Hasan Personal Developer. A cross-site request forgery vulnerability exists in Warehouse Inventory System v2.0, which stems from the editcategorie.php component not adequately verifying that a request comes from a...
PT-2024-30044 · Unknown · Warehouse Inventory System
Name of the Vulnerable Software and Affected Versions: Warehouse Inventory System version 2.0 Description: A Cross-Site Request Forgery (CSRF) issue in the deletecategorie.php component allows attackers to escalate privileges. Recommendations: For Warehouse Inventory System version 2.0, consider...
Warehouse Inventory System Security Vulnerability
Warehouse Inventory System is a Warehouse Inventory Management System by Siamon Hasan Personal Developer. A cross-site request forgery vulnerability exists in Warehouse Inventory System v2.0, which stems from the deletecategorie.php component not adequately verifying that a request comes from a...
Ecommerce-CodeIgniter-Bootstrap Cross-Site Scripting Vulnerability
Ecommerce-CodeIgniter-Bootstrap is a responsive, multi-vendor, multi-language online store platform shopping cart solution. Ecommerce-CodeIgniter-Bootstrap suffers from a cross-site scripting vulnerability that stems from cross-site scripting vulnerabilities in the searchtitle, catName, sub, name...
CVE-2021-44837
An issue was discovered in Delta RM 1.2. It is possible for an unprivileged user to access the same information as an admin user regarding the risk creation information in the /risque/administration/referentiel/json/create/categorie endpoint, using the idcat1 query parameter to indicate the risk...
CVE-2012-1227
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that (1) modify the admin email address or (2) modify the blog title via a settings action; (3) add a page via an editpage action, or (4) add a...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that (1) modify the admin email address or (2) modify the blog title via a settings action; (3) add a page via an editpage action, or (4) add a...
CVE-2010-2012
SQL injection vulnerability in function.php in MigasCMS 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categorie parameter in a catalogo action. NOTE: some of these details are obtained from third party information...
CVE-2010-2012
Overview: CVE-2010-2012 describes an SQL injection in MigasCMS 1.1. Affected software/component: MigasCMS 1.1; vulnerable code path is in function.php. Root cause / trigger: When magic_quotes_gpc is disabled, an attacker can manipulate the categorie parameter in a catalogo action to execute arbit...
Sql injection
SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion) allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php...
CVE-2008-1867
SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion) allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php...