38 matches found
EUVD-2015-0566
Malware in sbrugna...
EUVD-2014-9067
Malware in sbrugna...
EUVD-2022-2882
Malicious code in bioql PyPI...
CVE-2023-31940
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the pageid parameter at articleedit.php...
CVE-2024-11713
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'pageid' parameter of the wpjobportaldeactivate function in all versions up to, and including, 2.2.2 due to insufficient escaping on the user supplied...
CVE-2023-31940
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the pageid parameter at articleedit.php...
CVE-2023-31940
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the pageid parameter at articleedit.php...
CVE-2023-31940
CVE-2023-31940 affects Online Travel Agency System v1.0, with a SQL injection vulnerability in article_edit.php via the page_id parameter. The issue enables a remote attacker to execute arbitrary SQL commands, potentially compromising data confidentiality, integrity, and availability. Several lin...
Showdoc Unauthenticated Access
ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...
GHSA-PFRC-5HHQ-6HVR Showdoc Unauthenticated Access
ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...
Code injection
ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...
CVE-2018-19620
ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...
CVE-2018-19620
ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...
ShowDoc Annotation Editing Vulnerability
ShowDoc is an online document sharing tool. A security vulnerability exists in ShowDoc version 2.4.1. A remote attacker can exploit the vulnerability to modify a user's notes with a modified 'pageid' parameter...
CVE-2018-19609
ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified pageid, as demonstrated by reading note content, or discovering a username in the JSON data at a diff URL...
CVE-2018-19609
ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified pageid, as demonstrated by reading note content, or discovering a username in the JSON data at a diff URL...
FormGet Contact Form 5.3 - Stored XSS
The AJAX action ‘requestresponse’, defined in formget-contact-form/index.php line 278 is available to any logged in user. The parameter ‘value’ is accepted as valid, so long as the string ‘sideBar’ is found at a position other than 0 i.e. prefix the payload with a space. The ‘pageid’ parameter ca...
CVE-2015-0553
Cross-site scripting XSS vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 SP3 allows remote attackers to inject arbitrary web script or HTML via the pageid parameter...
Etiko CMS index.php cross-site scripting vulnerability-vulnerability warning-the black bar safety net
Affected system: Etiko Etiko CMS Description: CVECAN ID: CVE-2 0 1 4-8 5 0 5 Etiko CMS is a content management system. Etiko CMS did not effectively verify the index. php script input, in the realization on the presence of cross-site scripting vulnerability, a remote attacker with the structure o...
Sql injection
Multiple SQL injection vulnerabilities in Etiko CMS allow remote attackers to execute arbitrary SQL commands via the 1 pageid parameter to loja/index.php or 2 articleid parameter to index.php...