Lucene search
K

412 matches found

NVD
NVD
added 2021/07/22 5:15 p.m.20 views

CVE-2021-26232

SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php...

9.8CVSS0.02705EPSS
Exploits1References1
Prion
Prion
added 2021/07/22 5:15 p.m.12 views

Sql injection

SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php...

7.5CVSS9.8AI score0.02705EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/22 4:44 p.m.21 views

CVE-2021-26232

SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php...

10AI score0.02705EPSS
Exploits1References1
CVE
CVE
added 2021/07/22 4:44 p.m.38 views

CVE-2021-26232

The CVE-2021-26232 entry concerns SourceCodester Simple College Website v1.0. The vulnerability is a SQL injection in News.php via the id parameter, enabling remote attackers to execute arbitrary SQL statements. Affected software: SourceCodester Simple College Website (CMS) v1.0; vulnerable compo...

9.8CVSS9.9AI score0.02705EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/07/22 12:0 a.m.3 views

Sourcecodester Simple College Website SQL注入漏洞

Sourcecodester Simple College Website is a Sourcecodester open source application. A content management system. SourceCodester Simple College Website v 1.0 is vulnerable to SQL injection, which can be exploited by remote attackers to execute arbitrary SQL statements against news.php via the id...

9.8CVSS6.3AI score0.02705EPSS
Exploits1References2
NVD
NVD
added 2020/03/12 2:15 p.m.19 views

CVE-2020-10479

CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request...

4.3CVSS4.5AI score0.00475EPSS
Exploits1References2
NVD
NVD
added 2020/03/12 2:15 p.m.30 views

CVE-2020-10407

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/edit-news.php by adding a question mark ? followed by the payload...

4.8CVSS5AI score0.00611EPSS
Exploits1References2
NVD
NVD
added 2020/03/12 2:15 p.m.20 views

CVE-2020-10397

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-news.php by adding a question mark ? followed by the payload...

4.8CVSS5AI score0.00611EPSS
Exploits1References2
Prion
Prion
added 2020/03/12 2:15 p.m.16 views

Cross site scripting

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-news.php by adding a question mark ? followed by the payload...

3.5CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.17 views

Cross site scripting

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-news.php by adding a question mark ? followed by the payload...

3.5CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.15 views

Cross site request forgery (csrf)

CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request...

4.3CVSS4.6AI score0.00485EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:6 p.m.46 views

CVE-2020-10494

CVE-2020-10494 is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9 affecting the admin/edit-news.php endpoint. Affected component is the news-editing function; root cause is CSRF weakness allowing an attacker to edit a news article when a user with appropriate session interacts with...

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.44 views

CVE-2020-10488

CVE-2020-10488 describes a cross-site request forgery (CSRF) in Chadha PHPKB Standard Multi-Language 9. The vulnerability exists in the admin/manage-news.php endpoint, where a crafted request can cause deletion of a news article. Root cause: CSRF due to insufficient request validation/CSRF protec...

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.27 views

CVE-2020-10479

CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request...

4.6AI score0.00475EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.40 views

CVE-2020-10479

CVE-2020-10479 affects Chadha PHPKB Standard Multi-Language 9, where a CSRF flaw in admin/add-news.php allows adding a news article via a crafted request. The vulnerability is tied to a CSRF weakness in the /admin/add-news.php endpoint, enabling unauthorized article creation. Affected product/ver...

4.3CVSS4.5AI score0.00475EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.48 views

CVE-2020-10477

CVE-2020-10477 is a reflected Cross-Site Scripting vulnerability affecting Chadha PHPKB Standard Multi-Language 9. The issue occurs in admin/manage-news.php through the GET parameter sort , allowing injection of arbitrary web script or HTML. Root cause: insufficient sanitization of the sort param...

4.8CVSS4.8AI score0.00611EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.47 views

CVE-2020-10468

CVE-2020-10468 is a reflected XSS vulnerability in Chadha PHPKB Standard Multi-Language 9, exploitable via the GET parameter p in admin/edit-news.php. Reported across multiple sources (NVD, Red Hat, CNVD, CVE listings) with the same description: an attacker can inject arbitrary web script or HTML...

4.8CVSS4.8AI score0.00611EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:4 p.m.28 views

CVE-2020-10428

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-news.php by adding a question mark ? followed by the payload...

5AI score0.00611EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:4 p.m.58 views

CVE-2020-10428

CVE-2020-10428 affects Chadha PHPKB Standard Multi-Language 9. The issue is a Reflected XSS in URI handling via admin/header.php, enabling injection of arbitrary script/HTML on several admin pages when a payload is added after a question mark in the URI (e.g., admin/manage-news.php and related pa...

4.8CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:4 p.m.28 views

CVE-2020-10407

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/edit-news.php by adding a question mark ? followed by the payload...

5AI score0.00611EPSS
Exploits1References2
Rows per page
Query Builder