5 matches found
Joomla! com_hdwplayer 4.2 - search.php SQL Injection
Joomla! comhdwplayer 4.2 - search.php SQL Injection Exploit Title: Joomla! comhdwplayer 4.2 - 'search.php' SQL Injection Dork: inurl:"index.php?option=comhdwplayer" Date: 2020-03-23 Exploit Author: qw3rTyTy Vendor Homepage: https://www.hdwplayer.com/ Software Link:...
CVE-2016-6195
SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016...
CVE-2016-6195
CVE-2016-6195 affects the vBulletin core ForumRunner addon (versions 3.6.0–4.2.3) via the postids parameter to forumrunner/request.php, enabling remote SQL injection. Root cause: improper handling in ForumRunner leading to arbitrary SQL execution. Impact: potential data exposure and compromise of...
vBulletin 3.6.x to 4.2.2/4.2.3 Forumrunner 'request.php' SQLi Vulnerability - Active Check
The vBulletin core forumrunner addon enabled by default is affected by an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...
Easy2Map Photos <= 1.0.9 - SQL Injection
The code in Functions.php is vulnerable to SQL Injection because they are not parameterising or sanitising user input. PoC sqlmap -u 'http://www.example.com/wp-admin/admin-ajax.php' --data="mapID=11='+or+1%3D%3D1%3B=e2mimgsavemapname" --cookie=COOKIEHERE --level=5 --risk=3...