5 matches found
CVE-2019-25676
Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view...
PT-2026-30484
Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view...
CVE-2023-1608
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been declared as critical. This vulnerability affects the function getAdminList of the file /api/admin/store/product/list. The manipulation of the argument cateId leads to sql injection. The attack can be initiated remotely. T...
PT-2023-17114 · Zhong Bang · Crmeb
Name of the Vulnerable Software and Affected Versions: Zhong Bang CRMEB Java versions up to 1.3.4 Description: A critical issue affects the function getAdminList of the file "/api/admin/store/product/list". The manipulation of the argument cateId leads to sql injection. The attack can be initiate...
Anhui Hope Technology enterprise website management system cateid parameters exist SQL injection vulnerability
Hope Technology Enterprise Website Management System is a website management system developed and managed by Anhui Hope Network Technology Co. There is a SQL injection vulnerability in the cateid parameter of the Hope Technology enterprise website management system. Attackers can use the...