187 matches found
CVE-2023-26905
An issue was discovered in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /alphaware/details.php?id...
Sql injection
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file task-details.php. The manipulation of the argument taskid leads to sql injection. The attack may be initiated remotely. The exploi...
PT-2022-8002 · Itech · Tech Dating Script
Name of the Vulnerable Software and Affected Versions: Itech Dating Script version 3.26 Description: A critical issue was found in the file /see more details.php, where the manipulation of the id argument leads to sql injection. The attack can be launched remotely. The exploit has been disclosed ...
Wedding Management System SQL Injection Vulnerability (CNVD-2022-54296)
Wedding Management System is a wedding planning management system by John Paul Lim Gabule. v1.0 of Wedding Management System is vulnerable to SQL injection, which originates from Wedding-Management/wedding details.php page. details.php page lacks validation of externally entered SQL statements,...
Sourcecodester Complaint Management System SQL注入漏洞
Sourcecodester Complaint Management System is an open source Php project by Razormist individual developers. Used to request complaints through an online service . Sourcecodester Complaint Management System 1.0 version of the SQL injection vulnerability , the vulnerability stems from the product...
CVE-2020-25362
The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases...
Sql injection
The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases...
Online Shopping Alphaware 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Shopping Alphaware 1.0 - Multiple SQL Injection Vulnerabilty Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...
CVE-2019-6248
PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php...
CVE-2019-6248
PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php...
orbitkeyvans.com XSS vulnerability
Open Bug Bounty ID: OBB-647499 Description| Value ---|--- Affected Website:| orbitkeyvans.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2017-17587
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter...
Sql injection
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter...
CVE-2017-17587
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter...
CVE-2017-17111
CVE-2017-17111 affects Posty Readymade Classifieds Script 1.0. Affected component: listings.php (catid parameter) and ads-details.php (ID parameter). Root cause: SQL injection due to insufficient input validation/sanitization in those endpoints, enabling an attacker to inject SQL commands via the...
Readymade Classifieds Script 1.0 - SQL Injection
Readymade Classifieds Script 1.0 - SQL Injection Exploit Title: Readymade Classifieds Script 1.0 - SQL Injection Dork: N/A Date: 02.12.2017 Vendor Homepage: http://www.scubez.net/ Software Link: http://www.posty.in/index.html Demo: http://www.posty.in/readymade-classifieds-demo.html Version: 1.0...
architectureforsale.com XSS vulnerability
Vulnerable URL: http://architectureforsale.com/property-details.php?propertyID=1"...
Cross site scripting
WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/details.php...
CVE-2017-9360
WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php...
CVE-2017-9360
WebsiteBaker v2.10.0 is affected by a SQL injection in /account/details.php. The CNVD entry confirms a remote attacker can exploit this to execute arbitrary SQL commands, implying severe impact on confidentiality, integrity, and possibly availability. The CVE entry itself notes a SQL injection vu...