CVE-2024-0529

A vulnerability has been found in CXBSoft Post-Office up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /apps/loginauth.php of the component HTTP POST Request Handler. The manipulation of the argument usernamelogin leads to sql injection...

Sql injection

A vulnerability was found in CXBSoft Post-Office up to 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /apps/reggo.php of the component HTTP POST Request Handler. The manipulation of the argument usernamereg leads to sql injection. The exploit has...

Sql injection

A vulnerability has been found in CXBSoft Post-Office up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /apps/loginauth.php of the component HTTP POST Request Handler. The manipulation of the argument usernamelogin leads to sql injection...

CVE-2024-0530

CXBSoft Post-Office ≤1.0 is affected by a SQL injection in the HTTP POST Request Handler (/apps/reg_go.php) via the username_reg parameter. Exploit disclosed publicly; vulnerability details consistently reported across multiple sources. No patch/version fix details provided in the documents. Prac...

CVE-2024-0527

A vulnerability, which was classified as critical, has been found in CXBSoft Url-shorting up to 1.3.1. This issue affects some unknown processing of the file /admin/pages/updatego.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The...

CVE-2024-0528

A vulnerability, which was classified as critical, was found in CXBSoft Post-Office 1.0. Affected is an unknown function of the file /admin/pages/updatego.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The exploit has been disclose...

Sql injection

A vulnerability, which was classified as critical, was found in CXBSoft Post-Office 1.0. Affected is an unknown function of the file /admin/pages/updatego.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The exploit has been disclose...

Sql injection

A vulnerability, which was classified as critical, has been found in CXBSoft Url-shorting up to 1.3.1. This issue affects some unknown processing of the file /admin/pages/updatego.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The...

CVE-2024-0529 CXBSoft Post-Office HTTP POST Request login_auth.php sql injection

A vulnerability has been found in CXBSoft Post-Office up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /apps/loginauth.php of the component HTTP POST Request Handler. The manipulation of the argument usernamelogin leads to sql injection...

CVE-2024-0529

CXBSoft Post-Office up to v1.0 contains a SQL injection in the HTTP POST Request Handler, via the username_login parameter in /apps/login_auth.php. Exploit details are publicly disclosed; no official fix/version information is provided in the supplied documents. A temporary workaround from PT-Sec...

CVE-2024-0527

CXBSoft Url-shorting

CVE-2024-0527 CXBSoft Url-shorting HTTP POST Request update_go.php sql injection

A vulnerability, which was classified as critical, has been found in CXBSoft Url-shorting up to 1.3.1. This issue affects some unknown processing of the file /admin/pages/updatego.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The...

Sql injection

A vulnerability classified as critical was found in CXBSoft Url-shorting up to 1.3.1. This vulnerability affects unknown code of the file /pages/shorttolong.php of the component HTTP POST Request Handler. The manipulation of the argument shorturl leads to sql injection. The exploit has been...

Sql injection

A vulnerability classified as critical has been found in CXBSoft Url-shorting up to 1.3.1. This affects an unknown part of the file /pages/longsshort.php of the component HTTP POST Request Handler. The manipulation of the argument longurl leads to sql injection. The exploit has been disclosed to...

CVE-2024-0526 CXBSoft Url-shorting HTTP POST Request short_to_long.php sql injection

A vulnerability classified as critical was found in CXBSoft Url-shorting up to 1.3.1. This vulnerability affects unknown code of the file /pages/shorttolong.php of the component HTTP POST Request Handler. The manipulation of the argument shorturl leads to sql injection. The exploit has been...

CVE-2024-0526 CXBSoft Url-shorting HTTP POST Request short_to_long.php sql injection

A vulnerability classified as critical was found in CXBSoft Url-shorting up to 1.3.1. This vulnerability affects unknown code of the file /pages/shorttolong.php of the component HTTP POST Request Handler. The manipulation of the argument shorturl leads to sql injection. The exploit has been...

CVE-2024-0522

A vulnerability was found in Allegro RomPager 4.01. It has been classified as problematic. Affected is an unknown function of the file usertable.htm?action=delete of the component HTTP POST Request Handler. The manipulation of the argument username leads to cross-site request forgery. It is...

CVE-2024-0522

CVE-2024-0522 originates from Allegro RomPager 4.01, where CSRF can be triggered via the HTTP POST Request Handler in the file usertable.htm?action=delete , allowing remote exploitation. The underlying issue is a manipulation of the username argument that enables cross-site request forgery. Affec...

Sql injection

A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file itemlistedit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated...

Sql injection

A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file partysubmit.php of the component HTTP POST Request Handler. The manipulation of the argument partyname leads to sql injection. The attack can be initiat...