358 matches found
CVE-2017-17642
Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job...
CVE-2017-17623
Opensource Classified Ads Script 3.2 has SQL Injection via the advanceresult.php keyword parameter...
Sql injection
Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job...
CVE-2017-17623
Opensource Classified Ads Script 3.2 is affected by a SQL Injection via the keyword parameter in advance_result.php. Multiple sources (NVD/CVE listings and CNVD/CVE records) confirm an injectable vulnerability in this version, with CVSS scores indicating HIGH/CRITICAL severity (NVD CVSS2: 7.5 HIG...
CVE-2017-17642
Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job...
CVE-2017-17623
Opensource Classified Ads Script 3.2 has SQL Injection via the advanceresult.php keyword parameter...
CVE-2017-16955
SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the "keyword" parameter to /wp-admin/options-general.php?page=inlinks/inlinks.php...
CVE-2017-16955
SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the "keyword" parameter to /wp-admin/options-general.php?page=inlinks/inlinks.php...
NexusPHP Cross-Site Scripting Vulnerability (CNVD-2017-32401)
NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A cross-site scripting vulnerability exists in NexusPHP version 1.5. A remote attacker can exploit this vulnerability by sending the 'keyword' parameter to the messages.php file to obtain the...
CVE-2017-15305
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php...
Cross site scripting
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php...
CVE-2017-15305
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php...
CVE-2017-12856
Cross-site scripting XSS vulnerability in C.P.Sub 5.2 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter to index.php...
Cross site scripting
Cross-site scripting XSS vulnerability in C.P.Sub 5.2 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter to index.php...
CVE-2017-12856
Cross-site scripting XSS vulnerability in C.P.Sub 5.2 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter to index.php...
CVE-2017-12856
Cross-site scripting XSS vulnerability in C.P.Sub 5.2 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter to index.php...
SQL injection vulnerability in the keyword parameter of KesionCMS KS.LogScore.asp page
KesionCMS intelligent website building system is a set of intelligent website building system developed by Xiamen Kesion Software Ltd. using ASP+ACCESS/MSSQL database architecture. A SQL injection vulnerability exists in the keyword parameter of KesionCMS KS.LogScore.asp page. Because the...
SQL injection vulnerability in the keyword parameter of KesionCMS KS.LogPoint.asp page
KesionCMS is Xiamen Kesion Software Co., Ltd. developed a set of universal station-building system. A SQL injection vulnerability exists in the keyword parameter of KesionCMS KS.LogPoint.asp page. Because the background page KS.LogPoint.asp does not strictly filter the parameter keyword, an...
SQL Injection Vulnerability in Zhimei Cloud Management System of Henan Qingfeng Network Technology Co.
Zhimei cloud management system is a set of station management system developed by Henan Qingfeng Network Technology Co. There is a SQL injection vulnerability in the Zhimei Cloud Management System of Henan Qingfeng Network Technology Co. The vulnerability is due to the product/sousuo?key= paramet...
SQL Injection Vulnerability in the Keyword Parameter of Keyword Module of SMiCMS Government Website System
SMi CMS Government Website System is a website system for governments, schools and groups. A SQL injection vulnerability exists in the keyword parameter of the opinion solicitation module of the SMiCMS government website system. Due to insufficient filtering of the parameter, an attacker can...