12 matches found
CVE-2021-47811
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...
CVE-2021-47811
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...
Grocery Crud security vulnerability
Grocery Crud is an open-source software development tool created by Grocery Crud. Version 1.6.4 of Grocery Crud contains a security vulnerability, which stems from SQL injection in the orderby parameter, potentially allowing for manipulation of database queries...
CVE-2021-47811 Grocery crud 1.6.4 - 'order_by' SQL Injection
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...
CVE-2021-47811 Grocery crud 1.6.4 - 'order_by' SQL Injection
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...
CVE-2021-47811
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the orderby parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the orderby parameter in POST requests to the ajaxlist endpoint to potentially extract or modify database...
CVE-2021-47811
CVE-2021-47811 affects Grocery Crud 1.6.4. A SQL injection exists in the order_by parameter that allows remote attackers to manipulate queries. The vulnerability can be exploited via the order_by[] parameter in POST requests to the ajax_list endpoint, potentially enabling data extraction or modif...
PT-2026-3181
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the order by parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the order by parameter in POST requests to the ajax list endpoint to potentially extract or modify...
Grocery Crud 1.6.4 SQL Injection
Exploit Title: Grocery crud 1.6.4 - 'orderby' SQL Injection Date: 11/06/1963 Exploit Author: TonyShavez Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: v2.0.1 Tested on: Linux Ubuntu Proof Of concept : ======================= Request: PO...
Grocery crud 1.6.4 - (order_by) SQL Injection Vulnerability
Exploit Title: Grocery crud 1.6.4 - 'orderby' SQL Injection Exploit Author: TonyShavez Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: v2.0.1 Tested on: Linux Ubuntu Proof Of concept : ======================= Request: POST...
Grocery crud 1.6.4 - 'order_by' SQL Injection
Exploit Title: Grocery crud 1.6.4 - 'orderby' SQL Injection Date: 11/06/1963 Exploit Author: TonyShavez Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: v2.0.1 Tested on: Linux Ubuntu Proof Of concept : ======================= Request: PO...
Grocery crud 1.6.1 - 'search_field' SQL Injection
Exploit Title: Grocery crud 1.6.1 - 'searchfield' SQL Injection Google Dork: n/a Date: 2018-11-05 Exploit Author: Loading Kura Kura Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: 1.6.1 Tested on: Win10/Kali Linux CVE : 1. Proof of Conce...