Lucene search
K

33 matches found

NVD
NVD
added 2026/06/19 4:16 p.m.11 views

CVE-2017-20266

Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword parameter. Attackers can send GET requests to the searchresults view with crafted SQL payloads in the...

8.8CVSS0.00334EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:4 p.m.5 views

CVE-2017-20266

Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword parameter. Attackers can send GET requests to the searchresults view with crafted SQL payloads in the...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/19 4:4 p.m.11 views

CVE-2017-20266

CVE-2017-20266 affects Joomla SP Movie Database 1.3. The issue is an SQL injection in the searchword parameter of the searchresults view, enabling unauthenticated attackers to execute arbitrary SQL queries and extract sensitive database information via crafted GET requests. No remediation or expl...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/19 4:4 p.m.31 views

CVE-2017-20266 Joomla SP Movie Database 1.3 SQL Injection via searchword

Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword parameter. Attackers can send GET requests to the searchresults view with crafted SQL payloads in the...

8.8CVSS0.00334EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 12:0 p.m.16 views

CVE-2016-20078

WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion (LFI) vulnerability in pic.php that allows unauthenticated attackers to read arbitrary files via directory traversal in the URL. The impact includes potential exposure of sensitive data such as wp-config.php. CVSS metrics present...

6.9CVSS5.5AI score0.00688EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 p.m.6 views

CVE-2016-20078 WordPress IMDb Profile Widget 1.0.8 Local File Inclusion via pic.php

WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Attackers can supply directory traversal sequences in GET requests to pic.php to access sensitive files like...

6.9CVSS5.4AI score0.00688EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-40192

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:48 a.m.7 views

CVE-2024-43300

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bert Movie Database movie-database allows Stored XSS.This issue affects Movie Database: from n/a through = 1.0.11...

5.9CVSS5.9AI score0.00255EPSS
Exploits0References1
OSV
OSV
added 2024/10/18 11:15 a.m.4 views

CVE-2024-43300

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bert Kößler Movie Database allows Stored XSS.This issue affects Movie Database: from n/a through 1.0.11...

4.8CVSS5.8AI score0.00255EPSS
Exploits0References1
NVD
NVD
added 2024/10/18 11:15 a.m.27 views

CVE-2024-43300

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bert Movie Database movie-database allows Stored XSS.This issue affects Movie Database: from n/a through = 1.0.11...

5.9CVSS0.00255EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/18 10:25 a.m.34 views

CVE-2024-43300 WordPress Movie Database plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bert Movie Database movie-database allows Stored XSS.This issue affects Movie Database: from n/a through = 1.0.11...

5.9CVSS0.00255EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/18 10:25 a.m.16 views

CVE-2024-43300 WordPress Movie Database plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bert Movie Database movie-database allows Stored XSS.This issue affects Movie Database: from n/a through = 1.0.11...

5.9CVSS5.2AI score0.00255EPSS
Exploits0References1
CVE
CVE
added 2024/10/18 10:25 a.m.58 views

CVE-2024-43300

CVE-2024-43300 corresponds to a Stored XSS in the WordPress Movie Database plugin (versions n/a through 1.0.11). The vulnerability stems from improper input neutralization during web page generation, allowing malicious scripts to be stored and executed. Affected product: WordPress Movie Database ...

5.9CVSS5.9AI score0.00255EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/10/18 12:0 a.m.4 views

WordPress plugin Movie Database 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6AI score0.00255EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/15 9:37 a.m.5 views

WordPress Movie Database plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by FX Patchstack in WordPress Plugin Movie Database versions = 1.0.11...

5.9CVSS6.1AI score0.00255EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.22 views

WordPress Movie Database Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Movie Database Type Plugin Vulnerable versions = 1.0.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43300 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d8991f93ba12 Credits FX Required privilege Administrator...

5.9CVSS5.8AI score0.00255EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/07/18 12:0 a.m.4 views

WordPress Plugin Shortcode IMDB 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS7.7AI score0.00214EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/30 12:0 a.m.5 views

WordPress plugin IMDB info box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress IMDB info box plugin has a cross-site scripting vulnerability that stems from failure to clean and...

4.8CVSS5.3AI score0.00565EPSS
Exploits2References2
0day.today
0day.today
added 2017/12/30 12:0 a.m.32 views

Joomla SP Movie Database 1.4 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SP Movie Database - SQL Injection Vulnerability Google Dork: inurl:option=comspmoviedb Date: 29.12.2017 Author: pwny Source Component : https://extensions.joomla.org/extension/sp-movie-database/ Version : 1.4 Tested on: Kali Lin...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/12/30 12:0 a.m.37 views

Joomla SP Movie Database 1.4 SQL Injection

Exploit Title: SP Movie Database - SQL Injection Vulnerability Google Dork: inurl:option=comspmoviedb Date: 29.12.2017 Author: pwny Source Component : https://extensions.joomla.org/extension/sp-movie-database/ Version : 1.4 Tested on: Kali Linux proof : https://ibb.co/cjdiZw Search Form in Home...

0.2AI score
Exploits0
Rows per page
Query Builder