19 matches found
EUVD-2019-19819
Netartmedia PHP Dating Site contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with time-based SQL injection payloads in the Email field ...
CVE-2019-25535
Netartmedia PHP Dating Site contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with time-based SQL injection payloads in the Email field ...
CVE-2019-25541 Netartmedia PHP Mall 4.1 Multiple SQL Injection
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...
CVE-2019-25537
Netartmedia Event Portal 2.0 is affected by a time-based blind SQL injection in the Email parameter of loginaction.php, exploitable without authentication. Attackers can send crafted POST requests to extract sensitive database information. The vulnerability enables attackers to manipulate queries...
CVE-2019-25537 Netartmedia Event Portal 2.0 SQL Injection via loginaction.php
Netartmedia Event Portal 2.0 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with malicious SQL payloads in the Email...
CVE-2019-25532
CVE-2019-25532 affects Netartmedia Jobs Portal 6.1. The connected documents describe an SQL injection vulnerability where unauthenticated attackers can inject SQL through the Email field in loginaction.php via POST requests, enabling extraction of sensitive data or bypassing authentication. The r...
CVE-2019-25531 Netartmedia Deals Portal Lastest SQL Injection via loginaction.php
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authenticatio...
CVE-2019-25531
Netartmedia Deals Portal is affected by an SQL injection in the Email parameter of loginaction.php, allowing unauthenticated attackers to manipulate queries and potentially extract data or bypass authentication. The vulnerability is rated HIGH (CVSS 3.1: 8.2, NETWORK/LOW/PR:N/UI:N, with confident...
CVE-2019-25531 Netartmedia Deals Portal Lastest SQL Injection via loginaction.php
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authenticatio...
CVE-2024-10449 Codezips Hospital Appointment System loginAction.php sql injection
A vulnerability, which was classified as critical, was found in Codezips Hospital Appointment System 1.0. This affects an unknown part of the file /loginAction.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...
Codezips Hospital Appointment System SQL注入漏洞
Codezips Hospital Appointment System is a Codezips open source hospital appointment system. Codezips Hospital Appointment System version 1.0 suffers from a SQL injection vulnerability that originates from the parameter Username in the file /loginAction.php that can lead to SQL injection...
Sql injection
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-50866 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they are sent unfiltered to the database...
Netartmedia PHP Business Directory 4.2 - SQL Injection
Netartmedia PHP Business Directory 4.2 - SQL Injection Exploit Title: Netartmedia PHP Business Directory 4.2 - SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpbusinessdirectory.com/ Demo Site: https://www.bizwebdirectory.com/ Version: 4.2 Tested on...
Netartmedia PHP Dating Site - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Netartmedia Php Dating Site - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/datingsite/ Demo Site: https://www.phpscriptdemos.com/dating/ Version: Lastest Tested on: Kali Linux CVE:...
Netartmedia PHP Business Directory 4.2 SQL Injection
Exploit Title: Netartmedia PHP Business Directory 4.2 - SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpbusinessdirectory.com/ Demo Site: https://www.bizwebdirectory.com/ Version: 4.2 Tested on: Kali Linux CVE: N/A ----- PoC SQLi ----- Request:...
京信通信/09/business/loginAction.php username参数命令执行漏洞
No description provided by source...
ROCKOA 2.1.8 /webrock/login/loginAction.php SQL 注入漏洞
No description provided by source...
CVE-2009-4600
NetArt Media Real Estate Portal 2.0 is affected. The vulnerability resides in realestate20/loginaction.php where the Email parameter (username field) is used in SQL without proper sanitization, allowing remote attackers to execute arbitrary SQL commands. This is a classic SQL injection with poten...