SQL Injection

nukeviet/nukeviet is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of the listid parameter in detail.php and the groupprice or groupid parameters in searchresult.php, which allows an attacker to execute malicious SQL queries through crafted input...

CVE-2020-21809

SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the 1 listid parameter in detail.php and the 2 groupprice or groupid parameters in searchresult.php...

WordPress plugin SQL注入漏洞

WordPress plugin is an open source application plugin for WordPress. WordPress plugin suffers from a SQL injection vulnerability that stems from an unauthenticated SQL injection SQLi vulnerability found in the AutoResponder plugin, vulnerable at &listid...

The vulnerability of the Shops module in the NukeViet content management system allows a hacker to execute arbitrary SQL code.

The vulnerability of the Shops module in the NukeViet content management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code through the listid parameter in the detail.php script, ...

Vinades NukeViet SQL注入漏洞

Vinades NukeViet is an open source Content Management System CMS from Vinades Vietnam. A SQL injection vulnerability exists in NukeViet CMS due to a failure to filter special characters in the listid parameter on the detail.php page of the product store module and the groupprice and groupid...

CVE-2020-21809

Summary: CVE-2020-21809 is a SQL Injection vulnerability in the NukeViet CMS module Shops affecting versions 4.0.29 and 4.3, exploitable via improper handling of input parameters (listid in detail.php; group_price or groupid in search_result.php). The vulnerability is documented with high/critica...

CVE-2020-21809

SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the 1 listid parameter in detail.php and the 2 groupprice or groupid parameters in searchresult.php...

Sql injection

The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter...

Joomla! Component Youtube Gallery 4.1.7 - SQL Injection

Exploit Title: Joomla component comyoutubegallery - SQL Injection vulnerability Google Dork: inurl:index.php?option=comyoutubegallery Date: 15-07-2014 Exploit Author: Pham Van Khanh [email protected] Vendor Homepage: http://www.joomlaboat.com/youtube-gallery Software Link:...

Sql injection

SQL injection vulnerability in viewListing.php in linkSpheric 0.74 Beta 6 allows remote attackers to execute arbitrary SQL commands via the listID parameter...

Sql injection

Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote authenticated users to execute arbitrary SQL commands via the 1 listid parameter to pages/editmailingliststep1.php, the 2 userid parameter to pages/edituser.php, the 3 fieldid parameter to pages/editfield.php, and the 4...

CVE-2008-1632

Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote authenticated users to execute arbitrary SQL commands via the 1 listid parameter to pages/editmailingliststep1.php, the 2 userid parameter to pages/edituser.php, the 3 fieldid parameter to pages/editfield.php, and the 4...

Joomla Component Acajoom (com_acajoom) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== Joomla Component Acajoom comacajoom SQL Injection Vulnerability ================================================================== Joomla Component comacajoom SQL Injection...

Sql injection

SQL injection vulnerability in index.php in the amazOOP Awesom! comawesom 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task...

CVE-2008-0603

SQL injection vulnerability in index.php in the amazOOP Awesom! comawesom 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task...

CVE-2008-0511

SQL injection vulnerability in index.php in the MaMML commamml component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter...

Sql injection

SQL injection vulnerability in index.php in the fq comfq component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter...

Mambo Component com_fq - listid SQL Injection

Mambo Component comfq - listid SQL Injection joomla SQL Injectioncomfq AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorKs 1 : allinurl: "comfq" EXPLOIT : index.php?option=comfq&Itemid=S@BUN&listid=9999999//union//select//name,password//from//mosusers/ S@BUN www.hackturkiye.com S@BUN S@BUN GO...

Mambo Component com_newsletter 4.5 - listid SQL Injection

Mambo Component comnewsletter 4.5 - listid SQL Injection joomla SQL Injectioncomnewsletter AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorKs 1 : allinurl: "comnewsletter" EXPLOIT : index.php?option=comnewsletter&Itemid=S@BUN&listid=9999999//union//select//name,password//from//mosusers/ S@BU...

Mambo Component com_mamml - listid SQL Injection

Mambo Component commamml - listid SQL Injection joomla SQL Injectioncommamml AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorKs 1 : allinurl: "commamml" EXPLOIT : index.php?option=commamml&listid=9999999//union//select//name,password//from//mosusers/ S@BUN www.hackturkiye.com S@BUN S@BUN GOO...