EUVD-2020-31219

Joomla comhdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL payloads in the...

CVE-2020-37218

Joomla comhdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL payloads in the...

CVE-2020-37218 Joomla com_hdwplayer 4.2 SQL Injection via search.php

Joomla comhdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL payloads in the...

CVE-2020-37218

Joomla component com_hdwplayer 4.2 contains an SQL injection in search.php via the hdwplayersearch parameter, allowing unauthenticated attackers to run arbitrary SQL and extract data from the hdwplayer_videos table.

CVE-2020-37218 Joomla com_hdwplayer 4.2 SQL Injection via search.php

Joomla comhdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL payloads in the...

HDWPlayer Joomla com_hdwplayer SQL注入漏洞

HDWPlayer Joomla comhdwplayer is a Joomla video player component developed by HDWPlayer Inc. Version 4.2 of HDWPlayer Joomla comhdwplayer contains a SQL injection vulnerability. This vulnerability stems from an SQL injection issue in the search.php file. It may allow unauthenticated attackers to...

PT-2026-40619

Joomla com hdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL payloads in the...

CVE-2023-49178

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...

CVE-2023-49178

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr. Hdwplayer HDW Player Plugin Video Player & Video Gallery allows Reflected XSS.This issue affects HDW Player Plugin Video Player & Video Gallery: from n/a through 5.0...

CVE-2023-49178

CVE-2023-49178 describes a cross-site scripting (XSS) vulnerability in the WordPress plugin HDW Player Plugin (Video Player & Video Gallery) . The issue is caused by improper neutralization of input during web page generation, enabling a Reflected XSS. Affected software: HDW Player Plugin (Video ...

HDWPlayer SQL Injection Vulnerability in Joomla!

Joomla! is an open source, cross-platform content management system CMS developed using PHP and MySQL. A SQL injection vulnerability exists in Joomla! HDWPlayer. An attacker can exploit this vulnerability to execute illegal SQL commands...

Joomla! com_hdwplayer 'search.php' SQL Injection Vulnerability

Joomla! is an open source content management system CMS. An SQL vulnerability exists in Joomla! comhdwplayer 'search.php'. An attacker can exploit the vulnerability to obtain sensitive information...

Com_hdwplayer Search.php SQL Injection Vulnerability

Developed with PHP language and MySQL database, Joomla! is a content management system. Joomla! Comhdwplayer Search.php suffers from a SQL injection vulnerability, which can be exploited by an attacker to eventually trick the server into executing malicious SQL commands by inserting SQL commands...

Joomla HDWPlayer 4.2 SQL Injection

Exploit Title: Joomla! comhdwplayer 4.2 - 'search.php' SQL Injection Dork: inurl:"index.php?option=comhdwplayer" Date: 2020-03-23 Exploit Author: qw3rTyTy Vendor Homepage: https://www.hdwplayer.com/ Software Link: https://www.hdwplayer.com/download/ Version: 4.2 Tested on: Debian/Nginx/Joomla!...