16 matches found
EUVD-2017-9074
Malware in sbrugna...
CVE-2024-9907
A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verification Code Handler. The manipulation leads to weak password recovery. The attack can be initiated...
QileCMS 授权问题漏洞
QileCMS is an open source community e-commerce system from QileCMS Open Source. An authorization issue vulnerability exists in QileCMS 1.1.3 and earlier versions, which stems from the sendEmail function in file /qilecms/user/controller/Forget.php can lead to weak password recovery...
CVE-2024-8167
A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /forget.php. The manipulation of the argument email/mobile leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2024-8167 code-projects Job Portal forget.php sql injection
A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /forget.php. The manipulation of the argument email/mobile leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2024-8167 code-projects Job Portal forget.php sql injection
A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /forget.php. The manipulation of the argument email/mobile leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
PT-2024-38852 · Unknown · Code-Projects Job Portal
Name of the Vulnerable Software and Affected Versions: code-projects Job Portal version 1.0 Description: A critical issue has been found in the code-projects Job Portal. The problem is related to an unknown function of the file /forget.php. The manipulation of the email or mobile argument leads t...
CVE-2017-17931
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...
CVE-2017-17931
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...
Sql injection
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...
CVE-2017-17931
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...
Symantec Web Gateway forget.php Blind SQL Injection (SYM11-008)
Binary data 5991.prm...
Symantec Web Gateway forget.php Blind SQL Injection (SYM11-008)
According to its self-reported version number, the version of Symantec Web Gateway running on the remote host has a SQL injection vulnerability. Input to the 'username' parameter of the 'forget.php' script is not properly sanitized. A remote, unauthenticated attacker could exploit this to...
CVE-2011-0549
Concretely, CVE-2011-0549 affects Symantec Web Gateway 4.5.x, where the forget.php management interface passes the username parameter unfiltered, enabling remote SQL injection. The vulnerability allows an unauthenticated attacker to manipulate the backend database; CVSSv2 is 7.5 (HIGH). Vendor ad...
CVE-2011-0549
SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter...
Symantec Web Gateway forget.php SQL Injection Vulnerability
This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of the Symantec Web Gateway appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the username parameter of POST requests to the forget.php script. The...