CVE-2025-5401

A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /post.php of the component GET Parameter Handler. The manipulation of the argument pid leads...

Blogbook 注入漏洞

Blogbook is a content management system project by the individual developer Chaitak Gorai. Blogbook has an injection vulnerability that stems from SQL injection in the parameter pid in the file /post.php...

AeroCMS SQL注入漏洞

AeroCMS is a content management system from the American company AeroCMS. AeroCMS version v0.0.1 suffers from a security vulnerability that stems from the pid parameter of its post.php component that allows an attacker to implement a SQL injection resulting in access to database information...

CVE-2022-45331

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the pid parameter at \post.php. This vulnerability allows attackers to access database information...

CVE-2020-35597

Victor CMS 1.0 is vulnerable to SQL injection via cid parameter of admineditcomment.php, pid parameter of admineditpost.php, uid parameter of adminedituser.php, and edit parameter of adminupdatecategories.php...

Sql injection

Adhouma CMS through 2019-10-09 has SQL Injection via the post.php pid parameter...

CVE-2019-17429

Adhouma CMS through 2019-10-09 has SQL Injection via the post.php pid parameter...

CVE-2018-20480

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the js/pic.php Pid parameter...

Sql injection

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the js/pic.php Pid parameter...

CVE-2018-20480

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the js/pic.php Pid parameter...

S-CMS SQL Injection Vulnerability (CNVD-2018-26678)

S-CMS is a content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in S-CMS version 1.0, which can be exploited by remote attackers to execute SQL commands by sending the 'Pid' parameter to the js/pic.php file...

CVE-2010-2357

SQL injection vulnerability in index.php in Eicra Realestate Script 1.0 and 1.6.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: some of these details are obtained from third party information...

CVE-2010-2357

SQL injection vulnerability in index.php in Eicra Realestate Script 1.0 and 1.6.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in details.php in Iceberg CMS allows remote attackers to execute arbitrary SQL commands via the pid parameter...

CVE-2010-2016

CVE-2010-2016 reflects a SQL injection vulnerability in Iceberg CMS, specifically in details.php where the p_id parameter can be exploited to execute arbitrary SQL commands. Affected software is Iceberg CMS; the root cause is improper input handling leading to SQL command manipulation. The vulner...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php AlstraSoft E-Friends allows remote attackers to inject arbitrary web script or HTML via the pid parameter in a peoplecard action. NOTE: this might overlap CVE-2006-2564...