EUVD-2019-20166

Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to pages.php with crafted id values using error-based SQL injection techniques to...

CVE-2026-2543

A vulnerability was identified in vichan-devel vichan up to 5.1.5. This vulnerability affects unknown code of the file inc/mod/pages.php of the component Password Change Handler. The manipulation of the argument Password leads to unverified password change. The attack can be initiated remotely. T...

CVE-2026-0567

A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2024-35079

An arbitrary file upload vulnerability in the uploadAudio method of inxedu v2024.4 allows attackers to execute arbitrary code via uploading a crafted .jsp file...

CVE-2020-25148

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting XSS due to the fact that it is possible to inject and store malicious JavaScript code within it. this can occur via /iftype/type= because of pages/iftype.inc.php...

Apple iWork Memory Corruption Vulnerability (CNVD-2015-06781)

Apple iWork is an office software suite for OS X and iOS operating systems. A security vulnerability exists in Apple iWork versions prior to 2.6 and Apple Pages versions prior to 5.6. A remote attacker can exploit this vulnerability to execute arbitrary code or cause a denial of service memory...