15 matches found
CVE-2026-44381
MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, a SQL injection vulnerability existed in the handling of user-controlled ordering parameters in the event and shadow attribute listing endpoints. The affected code accepted order or sort values from request paramete...
CVE-2026-44381
MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, a SQL injection vulnerability existed in the handling of user-controlled ordering parameters in the event and shadow attribute listing endpoints. The affected code accepted order or sort values from request paramete...
EUVD-2025-18196
Malicious code in bioql PyPI...
CVE-2025-49467
A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges...
CVE-2025-49467 Joomla Extension - jevents.net - SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla
A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges...
CVE-2025-49467
CVE-2025-49467 describes a SQL injection in the JEvents Joomla extension. Affected: JEvents component for Joomla versions prior to 3.6.88 and prior to 3.6.82.1. Root cause: vulnerability in publicly accessible actions that list events by date ranges, allowing injection through the date-range quer...
Netartmedia Event Portal 2.0 - Email SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Netartmedia Event Portal 2.0 - 'Email' SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/eventportal/ Demo Site: https://www.phpscriptdemos.com/events/ Version: 2.0...
Netartmedia Event Portal 2.0 - Email SQL Injection
Netartmedia Event Portal 2.0 - Email SQL Injection Exploit Title: Netartmedia Event Portal 2.0 - 'Email' SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/eventportal/ Demo Site: https://www.phpscriptdemos.com/events/ Version: 2.0 Tested...
purdue.edu XSS vulnerability
Open Bug Bounty ID: OBB-548229 Description| Value ---|--- Affected Website:| purdue.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Dragon Internet Events Listing 2.0.01 admin_login.asp Multiple Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21098/info Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow a...
Dragon Internet Events Listing 2.0.01 event_searchdetail.asp ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21098/info Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow a...
Dragon Internet Events Listing 2.0.01 - admin_login.asp Multiple Field SQL Injections
Dragon Internet Events Listing 2.0.01 - adminlogin.asp Multiple Field SQL Injections source: https://www.securityfocus.com/bid/21098/info Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it ...
Dragon Internet Events Listing 2.0.01 - 'venue_detail.asp?VenueID' SQL Injection
source: https://www.securityfocus.com/bid/21098/info Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Dragon Internet Events Listing 2.0.01 - venue_detail.asp?VenueID SQL Injection
Dragon Internet Events Listing 2.0.01 - venuedetail.asp?VenueID SQL Injection source: https://www.securityfocus.com/bid/21098/info Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an S...
Dragon Internet Events Listing 2.0.01 - 'admin_login.asp' Multiple Field SQL Injections
source: https://www.securityfocus.com/bid/21098/info Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...