4 matches found
CVE-2018-25319
Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myeventsid parameter. Attackers can send GET requests to the eventadd.php page with malicious myeventsid values to extract o...
CVE-2018-25319 Redaxo CMS Addon MyEvents 2.2.1 SQL Injection via event_add.php
Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myeventsid parameter. Attackers can send GET requests to the eventadd.php page with malicious myeventsid values to extract o...
CVE-2017-17988
The CVE-2017-17988 entry concerns PHP Scripts Mall Muslim Matrimonial Script, where a cross-site scripting vulnerability exists in the admin/event_add.php event_title parameter. The connected CNVD/NVD entries corroborate XSS existence via that parameter, indicating the vulnerability is centered o...
SiteXCMS 080 build 522 Multiple Vulnerabilities
Exploit for php platform in category web applications author: lemlajt software : SiteXCMS @ sourceforge.net version: 080 build 522 tested on: linux cve : = PoC : html injection = http://localhost/www/cmsadmins/SiteXCMS080build522/calendar.php?sxMonth=1&sxYear=test = Poc : xss =...