Lucene search
K

187 matches found

Cvelist
Cvelist
added 2023/03/19 12:0 a.m.21 views

CVE-2023-26905

An issue was discovered in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /alphaware/details.php?id...

10AI score0.00752EPSS
Exploits1References1
Prion
Prion
added 2023/02/18 8:15 a.m.18 views

Sql injection

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file task-details.php. The manipulation of the argument taskid leads to sql injection. The attack may be initiated remotely. The exploi...

6.5CVSS9AI score0.01684EPSS
Exploits5References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/16 12:0 a.m.6 views

PT-2022-8002 · Itech · Tech Dating Script

Name of the Vulnerable Software and Affected Versions: Itech Dating Script version 3.26 Description: A critical issue was found in the file /see more details.php, where the manipulation of the id argument leads to sql injection. The attack can be launched remotely. The exploit has been disclosed ...

9.8CVSS9.6AI score0.00796EPSS
Exploits1References4
CNVD
CNVD
added 2022/06/09 12:0 a.m.22 views

Wedding Management System SQL Injection Vulnerability (CNVD-2022-54296)

Wedding Management System is a wedding planning management system by John Paul Lim Gabule. v1.0 of Wedding Management System is vulnerable to SQL injection, which originates from Wedding-Management/wedding details.php page. details.php page lacks validation of externally entered SQL statements,...

7.2CVSS2.9AI score0.00958EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/27 12:0 a.m.4 views

Sourcecodester Complaint Management System SQL注入漏洞

Sourcecodester Complaint Management System is an open source Php project by Razormist individual developers. Used to request complaints through an online service . Sourcecodester Complaint Management System 1.0 version of the SQL injection vulnerability , the vulnerability stems from the product...

9.8CVSS6.1AI score0.01591EPSS
Exploits1References1
NVD
NVD
added 2021/06/02 5:15 p.m.19 views

CVE-2020-25362

The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases...

7.5CVSS0.02051EPSS
Exploits1References3
Prion
Prion
added 2021/06/02 5:15 p.m.12 views

Sql injection

The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases...

5CVSS7.8AI score0.02051EPSS
Exploits1References3Affected Software1
0day.today
0day.today
added 2020/08/06 12:0 a.m.197 views

Online Shopping Alphaware 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Shopping Alphaware 1.0 - Multiple SQL Injection Vulnerabilty Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

0.1AI score
Exploits0
NVD
NVD
added 2019/01/13 12:29 a.m.19 views

CVE-2019-6248

PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php...

6.1CVSS6.1AI score0.00655EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/01/13 12:0 a.m.20 views

CVE-2019-6248

PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php...

6.1AI score0.00655EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/07/14 12:22 p.m.8 views

orbitkeyvans.com XSS vulnerability

Open Bug Bounty ID: OBB-647499 Description| Value ---|--- Affected Website:| orbitkeyvans.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
NVD
NVD
added 2017/12/13 9:29 a.m.22 views

CVE-2017-17587

FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter...

9.8CVSS10AI score0.02978EPSS
Exploits1References2
Prion
Prion
added 2017/12/13 9:29 a.m.12 views

Sql injection

FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter...

7.5CVSS9.9AI score0.02978EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/12/13 9:0 a.m.22 views

CVE-2017-17587

FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter...

10AI score0.02978EPSS
Exploits1References2
CVE
CVE
added 2017/12/11 5:0 p.m.48 views

CVE-2017-17111

CVE-2017-17111 affects Posty Readymade Classifieds Script 1.0. Affected component: listings.php (catid parameter) and ads-details.php (ID parameter). Root cause: SQL injection due to insufficient input validation/sanitization in those endpoints, enabling an attacker to inject SQL commands via the...

9.8CVSS9.5AI score0.088EPSS
Exploits2References2Affected Software1
exploitpack
exploitpack
added 2017/12/05 12:0 a.m.20 views

Readymade Classifieds Script 1.0 - SQL Injection

Readymade Classifieds Script 1.0 - SQL Injection Exploit Title: Readymade Classifieds Script 1.0 - SQL Injection Dork: N/A Date: 02.12.2017 Vendor Homepage: http://www.scubez.net/ Software Link: http://www.posty.in/index.html Demo: http://www.posty.in/readymade-classifieds-demo.html Version: 1.0...

0.5AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/29 2:22 p.m.11 views

architectureforsale.com XSS vulnerability

Vulnerable URL: http://architectureforsale.com/property-details.php?propertyID=1"...

6.9AI score
Exploits0
Prion
Prion
added 2017/06/02 5:29 a.m.12 views

Cross site scripting

WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/details.php...

4.3CVSS5.9AI score0.00632EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/06/02 5:4 a.m.18 views

CVE-2017-9360

WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php...

9.8AI score0.01035EPSS
Exploits0References1
CVE
CVE
added 2017/06/02 5:4 a.m.40 views

CVE-2017-9360

WebsiteBaker v2.10.0 is affected by a SQL injection in /account/details.php. The CNVD entry confirms a remote attacker can exploit this to execute arbitrary SQL commands, implying severe impact on confidentiality, integrity, and possibly availability. The CVE entry itself notes a SQL injection vu...

9.8CVSS9.7AI score0.01035EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder