Lucene search
K

688 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/29 1:0 p.m.8 views

CVE-2026-13569

A security vulnerability has been detected in weng-xianhu EyouCMS up to 1.7.1. This issue affects some unknown processing of the file /index.php of the component API. Such manipulation of the argument clicklike leads to sql injection. The attack can be executed remotely. The exploit has been...

5.8CVSS5.6AI score0.0021EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/06/29 1:0 p.m.15 views

CVE-2026-13569

The CVE-2026-13569 entry concerns weng-xianhu EyouCMS (up to version 1.7.1). A vulnerability in the API’s /index.php processing of the click_like argument enables SQL injection. The issue can be exploited remotely and public exploit information has been disclosed. The documents do not provide a p...

5.8CVSS5.6AI score0.0021EPSS
Exploits0References7
CVE
CVE
added 2026/06/29 3:0 a.m.18 views

CVE-2026-13529

CVE-2026-13529 : In YzmCMS (up to v7.5), a vulnerability affects an unknown function in /application/install/index.php where manipulating the siteurl parameter can cause SQL injection. The issue is exploitable remotely with high attack complexity and partial confidentiality/integrity/availability...

6.3CVSS5.8AI score0.00239EPSS
Exploits0References5
NVD
NVD
added 2026/06/21 6:16 a.m.9 views

CVE-2026-12776

A flaw has been found in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. This affects an unknown part of the file /index.php?page=houses. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has...

6.5CVSS0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:51 p.m.7 views

CVE-2017-20280

Joomla Component Myportfolio 3.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the pid parameter. Attackers can send GET requests to index.php with malicious pid values in the task=project&view=grid...

8.8CVSS6AI score0.00237EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/19 4:38 p.m.10 views

CVE-2017-20276

Vulnerability: CVE-2017-20276 in Joomla! component SIMGenealogy 2.1.5. Impactful flaw: SQL injection via the type parameter in index.php when option=com_simgenealogy and view=latest are used; unauthenticated attackers can manipulate database queries and potentially exfiltrate data. Affected compo...

8.8CVSS6AI score0.00237EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:24 p.m.5 views

CVE-2017-20272

Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sfselectuserid parameter. Attackers can send GET requests to index.php with the option=comupl and...

8.8CVSS6.2AI score0.00237EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/19 4:24 p.m.5 views

EUVD-2017-18999

Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sfselectuserid parameter. Attackers can send GET requests to index.php with the option=comupl and...

8.8CVSS6.2AI score0.00237EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 4:17 p.m.13 views

CVE-2017-20270

CVE-2017-20270 affects the Joomla! Twitch Tv component 1.1, with an SQL injection vulnerability in the GET parameters username and id via index.php (option=com_twitchtv and view) that allows unauthenticated attackers to execute arbitrary SQL and extract sensitive data (credentials, configuration)...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 3:37 p.m.5 views

EUVD-2017-18985

Joomla! Component RPC Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=compofos&view=pofo&id=SQL ...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 3:17 p.m.6 views

EUVD-2017-18979

Joomla NextGen Editor 2.1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the plname parameter. Attackers can send GET requests to index.php with option=comnge&view=config and inject malicious SQL code in the plname paramet...

8.8CVSS6.3AI score0.00323EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-50963

Name of the Vulnerable Software and Affected Versions Joomla! Component jCart for OpenCart version 2.0 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code. This is achieved by sending GET requests to the 'index.php' endpoint using the...

8.8CVSS5.9AI score0.00267EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-50929

Name of the Vulnerable Software and Affected Versions Joomla NextGen Editor version 2.1.0 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL commands. This is achieved by sending GET requests to the 'index.php' endpoint with the parameters option=com nge and...

8.8CVSS6.2AI score0.00323EPSS
Exploits0References6
NVD
NVD
added 2026/06/17 8:16 p.m.12 views

CVE-2026-12529

A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. Affected is an unknown function of the file /index.php of the component Student Self-Registration Endpoint. The manipulation leads to improper access controls. Remote...

7.5CVSS0.00284EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/17 6:30 p.m.10 views

EUVD-2026-37780

A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. Affected is an unknown function of the file /index.php of the component Student Self-Registration Endpoint. The manipulation leads to improper access controls. Remote...

7.5CVSS7AI score0.00284EPSS
Exploits0References5
CVE
CVE
added 2026/06/13 11:15 p.m.33 views

CVE-2026-12176

SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0 contains a cross-site scripting (XSS) vulnerability in an unknown function of the file /index.php when the action parameter is manipulated. The attack is remote and has been publicly disclosed . Exploit maturity is label...

5.3CVSS3.7AI score0.00265EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/08 7:0 p.m.8 views

CVE-2026-11582

A flaw has been found in CodeAstro Student Attendance Management System 1.0. The impacted element is an unknown function of the file /attendance-php/index.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has bee...

7.5CVSS7AI score0.00269EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/08 3:45 p.m.43 views

CVE-2026-11530 imvks786 student_management_system Login index.ph sql injection

A vulnerability was identified in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This affects an unknown function of the file /index.ph of the component Login. Such manipulation of the argument usr/pwd leads to sql injection. The attack can be executed remotely...

7.5CVSS0.00328EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.9 views

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

9.8CVSS5.7AI score0.00677EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.9 views

CVE-2026-6183

A security flaw has been discovered in code-projects Simple Content Management System 1.0. Affected by this issue is some unknown functionality of the file /web/index.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The...

7.5CVSS7AI score0.00313EPSS
Exploits0References1
Rows per page
Query Builder