4 matches found
PT-2026-21437
microASP Portal+ CMS contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the explode tree parameter. Attackers can send crafted requests to pagina.phtml with SQL injection payloads using extractvalue and...
Odoo Input Validation Error Vulnerability (CNVD-2019-30574)
Odoo is an open source commercial system from the Belgian company Odoo. An input validation error vulnerability exists in the dbfilter routing component of Odoo Community 11.0 and earlier versions Enterprise and Community, which arises from the program failing to properly filter host headers and...
zzcms SQL Injection Vulnerability (CNVD-2018-26018)
ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the zs/search.php file in ZZCMS version 8.3. A remote attacker can exploit this vulnerability to obtain the current database name of mysql with the help of pxzs cookie...
Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities
netVigilance Security Advisory 11 Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities Description: Advanced Guestbook is a PHP-based guestbook script. It includes many useful features such as preview, templates, e-mail notification, picture upload, page spanning , htm...