459656 matches found
FormLift for Infusionsoft Web Forms <= 7.5.17 - SQL Injection
The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to SQL Injection via the 'formid' parameter in versions up to, and including, 7.5.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
Download Monitor < 4.4.5 - SQL Injection
The Download Monitor plugin for WordPress is vulnerable to SQL injection via the 'orderby' parameter in versions before 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attacker...
MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection
The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to union based SQL Injection via the 'user' parameter of the /lms/stm-lms/order/items REST route in all versions up to, and including, 3.2.5 due to insufficient escaping on the user supplied...
Buffalo WSR-2533DHPL2 - Configuration File Injection
The web interfaces of Buffalo WSR-2533DHPL2 firmware version = 1.02 and WSR-2533DHP3 firmware version = 1.24 does not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially leading to remote code execution. id:...
Lexmark Printers - Command Injection
Certain Lexmark devices through 2023-02-19 mishandle Input Validation issue 1 of 4. id: CVE-2023-26067 info: name: Lexmark Printers - Command Injection author: DhiyaneshDK severity: high description: | Certain Lexmark devices through 2023-02-19 mishandle Input Validation issue 1 of 4. impact: |...
Django RasterField - SQL Injection
Django 6.0.2, 5.2.11, and 4.2.28 contains a SQL injection caused by improper sanitization of the band index parameter in RasterField on PostGIS, letting remote attackers inject SQL, exploit requires crafted input. id: CVE-2026-1207 info: name: Django RasterField - SQL Injection author: omarkurt...
Jms Blog - SQL Injection
The module Jms Blog jmsblog from Joommasters contains a Time Based SQL injection vulnerability. This module is for the PrestaShop e-commerce platform and mainly provided with joommasters PrestaShop themes id: CVE-2023-27034 info: name: Jms Blog - SQL Injection author: MaStErChO severity: critical...
IPeakCMS 3.5 - SQL Injection
ipeak Infosystems ibexwebCMS 3.5 contains an unauthenticated Boolean-based SQL injection caused by unsanitized 'id' parameter in /cms/print.php, letting attackers execute arbitrary SQL commands, exploit requires no authentication. id: CVE-2021-3018 info: name: IPeakCMS 3.5 - SQL Injection author:...
TOTOLink - Unauthenticated Command Injection
TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter. id: CVE-2023-30013 info: name: TOTOLink - Unauthenticated...
ASIS - SQL Injection Authentication Bypass
ASIS aka Aplikasi Sistem Sekolah using CodeIgniter 3 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication Bypass. id: CVE-2024-45622 info: name: ASIS - SQL Injection Authentication Bypass author: s4e-io severity: critical description: | ASIS aka Aplikasi Sistem Sekolah...
WordPress Easy Digital Downloads <= 3.2.12 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a through 3.2.12. id: CVE-2024-5057 info: name: WordPress Easy Digital Downloads = 3.2.12 - SQL Injecti...
Zyxel Firewall - OS Command Injection
An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100W firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1...
Thinfinity Iframe Injection
A vulnerability exists in Thinfinity VirtualUI in a function located in /lab.html reachable which by default could allow IFRAME injection via the "vpath" parameter. id: CVE-2021-45092 info: name: Thinfinity Iframe Injection author: danielmofer severity: critical description: A vulnerability exist...
CentOS Web Panel - OS Command Injection
The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution. id: CVE-2021-31324 info: name: CentOS Web Panel - OS Command Injection author: ritikchaddha severity: critical description: | The unprivileged user portal...
KodExplorer - Cross-Site Scripting
KodExplorer is susceptible to a reflected cross-site scripting XSS vulnerability in the file view functionality.The vulnerability exists in app/template/api/view.html where user-supplied input in the 'path' parameter is directly echoed without proper sanitization.This allows attackers to inject...
Cachet <=2.3.18 - SQL Injection
Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the SearchableTraitscopeSearch. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and...
Control Web Panel (CWP) - File Inclusion
In CWP Control Web Panel, previously CentOS Web Panel before version 0.9.8.1107, an unauthenticated attacker can abuse null byte %00 injection with the "scripts" parameter in the /user/loader.php or /user/login.php endpoints to register arbitrary API keys or access sensitive files. This can be...
PuneethReddyHC Online Shopping System homeaction.php SQL Injection
An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping System through the /homeaction.php catid parameter. Using a post request does not sanitize the user input. id: CVE-2021-41649 info: name: PuneethReddyHC Online Shopping System homeaction.php SQL Injection...
Pie Register < 3.7.1.6 - SQL Injection
The Registration Forms User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user data before using it in a SQL statement in the wp-json/pie/v1/login REST API endpoint, leading to an SQL injection. id:...
Doctor Appointment System 1.0 - SQL Injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter. id: CVE-2021-27320 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind S...