Lucene search
K

10 matches found

NVD
NVD
added 2026/06/15 2:16 p.m.12 views

CVE-2016-20073

Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract...

8.8CVSS0.0027EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 p.m.7 views

CVE-2016-20073 Answer My Question 1.3 Plugin WordPress SQL Injection via modal.php

Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/15 12:0 p.m.8 views

EUVD-2016-10885

Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 12:0 p.m.13 views

CVE-2016-20073

The Answer My Question 1.3 WordPress plugin contains an unauthenticated SQL injection in modal.php via the id POST parameter, enabling attackers to execute arbitrary SQL and extract sensitive database information (e.g., WordPress terms and configuration data). CVSS metrics are provided: CVSS v3.1...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.15 views

PT-2026-49211

Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References5
OSV
OSV
added 2023/02/25 2:15 a.m.4 views

DEBIAN-CVE-2023-26038

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion Untrusted Search Path vulnerability via web/ajax/modal.php, where an arbitrary php file path c...

6.5CVSS7.2AI score0.0051EPSS
Exploits1References1
Prion
Prion
added 2023/02/25 2:15 a.m.12 views

Design/Logic Flaw

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion Untrusted Search Path vulnerability via web/ajax/modal.php, where an arbitrary php file path c...

6.4CVSS6.3AI score0.0051EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/02/25 1:27 a.m.44 views

CVE-2023-26038 ZoneMinder contains Local File Inclusion vulnerability via `web/ajax/modal.php`

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion Untrusted Search Path vulnerability via web/ajax/modal.php, where an arbitrary php file path c...

5.4CVSS6.8AI score0.0051EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2018/06/19 10:4 a.m.12 views

mobiliteit.lu XSS vulnerability

Open Bug Bounty ID: OBB-633884 Description| Value ---|--- Affected Website:| mobiliteit.lu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
WPVulnDB
WPVulnDB
added 2017/04/24 12:0 a.m.8 views

Answer My Question 1.3 - Cross-Site Scripting (XSS)

The answer-my-question WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability. PoC Host: 10.194.0.44 URL: http://10.194.0.44/wp-content/plugins/answer-my-question/modal.php Parameter: Hidden Field id Payload: "...

0.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder