CVE-2024-4845

The Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘optionslistid’ parameter in all versions up to, and including, 5.7.22 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

CVE-2024-4845

CVE-2024-4845 affects the Icegram Express plugin for WordPress, vulnerable to SQL Injection via the sensitive parameter options[list_id] in all versions up to and including 5.7.22. The root cause is insufficient escaping of the user-supplied value and inadequate preparation of the existing SQL qu...

CVE-2017-6098

A SQL injection issue was discovered in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects /inc/campaignsave.php Requires authentication to Wordpress admin with the POST Parameter: listid...

Rebus:list (list.php, list_id param) - SQL Injection Vulnerability

No description provided by source. Exploit Title: Rebus:list SQL Injection Vulnerability Date: 3/18/2013 Vendor Homepage: http://www.ptfs-europe.com/products/rebus/rebuslist/ Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters: listid= Google...

Rebus:list (list.php, list_id param) - SQL Injection Vulnerability

Exploit for php platform in category web applications http://server/list.php?listid=2' http://server/list.php?listid=-2 union all select 1,2,groupconcatuserid,0x3a,login,0x3a,password FROM users-- 0day.today 2018-03-28...