Lucene search
K

12 matches found

CNNVD
CNNVD
added 2020/11/24 12:0 a.m.6 views

Simplephpscripts News Script PHP Pro SQL注入漏洞

News Script PHP Pro is a PHP/MySQL based web script from Simple PHP Scripts for displaying news on your website. News Script PHP Pro 2.3 suffers from a SQL injection vulnerability. The vulnerability can be exploited to conduct SQL injection attacks via the id parameter in the editNews action...

9.8CVSS7.3AI score0.01052EPSS
Exploits0References3
Prion
Prion
added 2017/10/29 6:29 a.m.16 views

Sql injection

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...

7.5CVSS9.8AI score0.02204EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2017/10/29 6:0 a.m.15 views

CVE-2017-15970

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter...

9.9AI score0.02204EPSS
Exploits4References2
NVD
NVD
added 2011/10/05 10:55 a.m.19 views

CVE-2010-4859

SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blogid parameter in a news action...

7.5CVSS8.3AI score0.01182EPSS
Exploits1References3
Prion
Prion
added 2011/10/05 10:55 a.m.12 views

Sql injection

SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blogid parameter in a news action...

7.5CVSS9.1AI score0.01182EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/10/05 10:0 a.m.18 views

CVE-2010-4859

SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blogid parameter in a news action...

8.3AI score0.01182EPSS
Exploits1References3
NVD
NVD
added 2010/04/21 2:30 p.m.29 views

CVE-2009-4780

Multiple cross-site scripting XSS vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter in a sitemap action, 2 the search parameter in a search action, 3 the taggingid parameter in a search action, 4 the...

4.3CVSS5.6AI score0.01178EPSS
Exploits1References2
Prion
Prion
added 2010/01/04 9:30 p.m.16 views

Sql injection

SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.7AI score0.00951EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/10/01 2:30 p.m.15 views

CVE-2009-3514

Multiple SQL injection vulnerabilities in d.net CMS allow remote attackers to execute arbitrary SQL commands via 1 the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the 2 editid and 3 p parameter in a news action to...

6.5CVSS8.2AI score0.00839EPSS
Exploits0References1
NVD
NVD
added 2008/02/12 1:0 a.m.15 views

CVE-2008-0677

SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action...

7.5CVSS8.3AI score0.00928EPSS
Exploits0References2
Prion
Prion
added 2008/02/12 1:0 a.m.14 views

Sql injection

SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action...

7.5CVSS9AI score0.00928EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2007/11/26 10:46 p.m.12 views

Sql injection

Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to 1 view.page.inc.php, which is reachable through a view action to index.php; or 2 the year parameter to news.page.inc.php, which is reachabl...

7.5CVSS9.2AI score0.01018EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder