3 matches found
PHPMyWind Cross-Site Scripting Vulnerability (CNVD-2018-15387)
PHPMyWind is a PHP + MySQL based development , W3C compliant site building engine for enterprise-level site building . A cross-site scripting vulnerability exists in PHPMyWind version 5.5. A remote attacker can exploit this vulnerability by sending the 'cid' parameter to the newsshow.php page or ...
CVE-2018-11487
PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...
SQL Injection Vulnerability in Newsshow.asp Page of Yiming Website Builder System
Yiming web builder is a website builder system. A SQL injection vulnerability exists in the newsshow.asp page of the Yiming Website Builder System. The vulnerability is caused due to the system failing to effectively filter user-submitted data. An attacker can exploit this vulnerability to obtain...