3 matches found
PT-2026-51685
Name of the Vulnerable Software and Affected Versions RentMy Real-Time Rental Management Plugin versions prior to 4.0.4.2 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. This allows unauthenticated attacke...
EUVD-2026-11103
The WP Maps plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'locationid' parameter in all versions up to, and including, 4.9.1. This is due to the plugin's database abstraction layer FlipperCodeModelBase::iscolumn treating user input wrapped in backticks as column...
UBUNTU-CVE-2014-9235
Multiple SQL injection vulnerabilities in Zoph aka Zoph Organizes Photos 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 action parameter to group.php or 2 user.php or the 3 locationid parameter to photos.php in php/...