22 matches found
CVE-2017-20273
CVE-2017-20273 affects Joomla Event Registration Pro Calendar 4.1.3. The connected docs confirm an SQL injection vulnerability in index.php where the id parameter (via option=com_registrationpro&view=category&id) can be exploited unauthenticated to execute arbitrary SQL and extract sensitive data...
PT-2026-50944
Name of the Vulnerable Software and Affected Versions: Joomla! Component Calendar Planner version 1.0.1 Description: An SQL injection allows unauthenticated attackers to inject SQL commands via the category id parameter. By sending GET requests to the events view containing malicious SQL code in th...
PHPGurukul Online Course Registration SQL Injection Vulnerability
PHPGurukul Online Course Registration is an online course registration system provided by PHPGurukul Corporation. Version 3.1 of PHPGurukul Online Course Registration contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ‘cid’ in the file...
PHPGurukul Online Shopping Portal Project SQL Injection Vulnerability
The PHPGurukul Online Shopping Portal Project is an online shopping portal project of PHPGurukul Corporation. Version 2.1 of the PHPGurukul Online Shopping Portal Project has a SQL injection vulnerability. This vulnerability arises from improper handling of the parameter ‘cid’ in the...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2025-59544
Chamilo is a learning management system. Prior to version 1.11.34, the functionality for the user to update the category does not implement authorization checks for the "categoryid" parameter which allows users to update the category of any user by replacing the "categoryid" parameter. This issue...
CVE-2019-25443
Inventory Webapp contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can supply malicious SQL payloads in the name, description, quantity, or catid parameters to add-item.php to execut...
CVE-2025-15443
A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/productexport. Such manipulation of the argument cateid leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. T...
CVE-2025-12289 Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System 1001 cross site scripting
A flaw has been found in Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System 1.0. Affected by this vulnerability is an unknown functionality of the file /Point/index/activitystate/1/categoryid/1001. Executing manipulation of the argument categoryid can lead to...
EUVD-2010-4992
Malware in sbrugna...
Code-Projects News Publishing Site Dashboard Injection Vulnerability
Code-Projects News Publishing Site Dashboard is a Code-Projects open source news publishing site dashboard. An injection vulnerability exists in Code-Projects News Publishing Site Dashboard version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter catid in the fil...
Code-Projects Real Estate Property Management System Injection Vulnerability
Code-Projects Real Estate Property Management System is a Code-Projects open source real estate property management system. An injection vulnerability exists in Code-Projects Real Estate Property Management System version 1.0, which stems from an incorrect manipulation of the parameters...
Campcodes Online Job Finder System SQL Injection Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a SQL injection vulnerability in the CATEGORYID parameter of the /admin/category/controller.p...
PT-2023-26649 · Unknown · Gugoan Economizzer
Name of the Vulnerable Software and Affected Versions: gugoan Economizzer versions 0.9-beta1 and commit 3730880 April 2023 Description: A SQL injection vulnerability exists in the cash book feature of gugoan Economizzer, specifically in the category id parameter, which is used to list...
bloofoxCMS SQL Injection Vulnerability
bloofoxCMS is a PHP-based text content management system by the individual developer of bloofoxCMS. A security vulnerability exists in bloofoxCMS version v0.5.2.1, which stems from the cid parameter found to contain an SQL injection vulnerability via...
Zhongbang CRMEB SQL Injection Vulnerability
Zhongbang CRMEB is an open source e-commerce management system from China's Xi'an Zhongbang Network Zhongbang Company. CRMEB Java version 1.3.4 has a SQL injection vulnerability. The vulnerability stems from security issues in the file /api/admin/store/product/list function getAdminListe, through the...
CVE-2022-23898
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...
The vulnerability of the online shopping system – online-shopping-system-advanced – related to the failure to implement measures to neutralize specific elements, allows a hacker to execute arbitrary SQL code.
The vulnerability of the online-shopping-system-advanced system is related to the failure to eliminate certain special elements during the processing of the /homeaction.php catid parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code using a specially...
CVE-2021-24342
The JNews WordPress theme before 8.0.6 did not sanitise the catid parameter in the POST request /?ajax-request=jnews with action=jnewsbuildmegacategory, leading to a Reflected Cross-Site Scripting (XSS) issue...
CVE-2017-17573
FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php categoryid or subcategoryid parameter...