CVE-2025-12294 SourceCodester Point of Sales delete_category.php sql injection

A security flaw has been discovered in SourceCodester Point of Sales 1.0. Impacted is an unknown function of the file /deletecategory.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may...

CVE-2022-26613

PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability via the category parameter in categorymenu.php...

Ultimate WebBoard 3.00 - Category SQL Injection

Ultimate WebBoard 3.00 - Category SQL Injection ================================================================================ Ultimate Webboard webboard.php Category Remote SQL Injection Vulnerability ================================================================================...

PHP-Nuke Category参数SQL注入漏洞

PHP-Nuke是一个广为流行的网站创建和管理工具，它可以使用很多数据库软件作为后端，比如MySQL、PostgreSQL、mSQL、Interbase、Sybase等。PHP-Nuke包含的'index.php'脚本对用户提交的参数缺少充分过滤，远程攻击者可以利用这个漏洞进行SQL注入攻击，可能获得数据库敏感信息及修改数据库内容。当执行搜索时，index.php脚本对用户提交给$category变量的数据缺少充分过滤，提交包含SQL命令的数据作为$category变量参数，可更改原来数据库逻辑，获得数据库敏感信息及修改数据库内容。 Francisco Burzi...