CVE-2018-25352

The CVE-2018-25352 entry concerns the WordPress plugin Ultimate Form Builder Lite (version 1.3.7 and earlier). The vulnerability is a SQL injection in the entry_id parameter, exploitable via POST to admin-ajax.php with the ufbl_get_entry_detail_action action. Authenticated attackers can manipulat...

EUVD-2008-0840

Malware in sbrugna...

EUVD-2009-2769

Malware in sbrugna...

CVE-2025-55575

Summary: CVE-2025-55575 is a SQL Injection vulnerability in SMM Panel 3.1 that allows remote attackers to disclose sensitive information via a crafted HTTP request with the parameter action=service_detail. The CVSS v3.1 base score is 9.8 (CRITICAL) with network access, low attack complexity, no p...

CVE-2009-2779

SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action...

Cross site scripting

Cross-site scripting XSS vulnerability in the photo gallery model in Exis Contexis before 2.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter in a detail action...

Mambo Component Ricette 1.0 - Remote SQL Injection Vulnerability

No description provided by source. joomla SQL Injectioncomricette AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: comricette DORK 2 : allinurl: comricetteid EXPLOIT :...

Sql injection

Multiple SQL injection vulnerabilities in myGesuad 0.9.14 aka 0.9 allow remote attackers to execute arbitrary SQL commands via 1 the formUser parameter aka the Name field to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail...

CVE-2009-1746

SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action...

Sql injection

SQL injection vulnerability in featuredarticle.php in AJ Article 1.0 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a search detail action...

Sql injection

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action...

CVE-2008-0833

SQL injection vulnerability in index.php in the comgaleria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action...

CVE-2008-0746

SQL injection vulnerability in index.php in the Gallery comgallery component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action...

Sql injection

SQL injection vulnerability in index.php in the CatalogShop comcatalogshop 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action...

Sql injection

SQL injection vulnerability in index.php in the Arthur Konze AkoGallery comakogallery 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action...

CVE-2007-6160

Cross-site scripting XSS vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via the aarstal parameter in a yeardetail action...

CVE-2007-6159

SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500...

CVE-2007-6160

CVE-2007-6160 describes a cross-site scripting (XSS) vulnerability in the index.php of Tilde CMS 4.x and earlier . The issue allows remote attackers to inject arbitrary web script or HTML via the aarstal parameter in a yeardetail action. The provided documents confirm the affected product/version...