5 matches found
EUVD-2007-2570
Malware in sbrugna...
PT-2023-17436 · Unknown · Novel-Plus
Name of the Vulnerable Software and Affected Versions: novel-plus version 3.6.2 Description: A critical issue has been discovered, allowing for SQL injection through the manipulation of the sort argument in the "/news/list?limit=10&offset=0&order=desc" API endpoint. This can be exploited remotely...
novel-plus SQL注入漏洞
novel-plus novel boutique-plus is a multi-end PC, WAP reading, functional original literature CMS system. novel-plus version 3.6.2 suffers from a SQL injection vulnerability, which originates from a problem with the file /news/list?limit=10&offset=0&order=desc, where the operation of the paramete...
SQL injection vulnerability in the typeId parameter of news_list.jsp file of Shangli K12 digital campus management platform.
Shangli K12 Digital Campus Management Platform is an integrated campus solution. A SQL injection vulnerability exists in the typeId parameter of the newslist.jsp file in the K12 digital campus management platform. The vulnerability is due to the system typeId parameter does not filter the data...
WESPA PHP Newsletter 3.0 Administrator Password Change
"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path Author: alieye class : remote E-mail: [email protected] greetz: C.S.Eye Security Team members We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com...