CVE-2015-20119 RealtyScript 4.0.2 Stored Cross-Site Scripting via text Parameter in pages.php

Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious HTML and iframe elements through the text parameter in the pages.php admin interface. Attackers can submit POST requests to the add page action with...

CVE-2015-20119

CVE-2015-20119 affects RealtyScript 4.0.2 (Next Click Ventures). It is a stored cross-site scripting vulnerability in the pages.php admin interface: an authenticated attacker can submit crafted iframe payloads via the text parameter to the add page action, storing malicious content that executes ...

CVE-2026-2543

A vulnerability was identified in vichan-devel vichan up to 5.1.5. This vulnerability affects unknown code of the file inc/mod/pages.php of the component Password Change Handler. The manipulation of the argument Password leads to unverified password change. The attack can be initiated remotely. T...

vichan 授权问题漏洞

Vichan is an open-source PHP image panel developed by vichan-devel. Versions of Vichan 5.1.5 and earlier have a vulnerability related to authorization issues. This vulnerability stems from the handling of the Password parameter by the Password Change Handler component in the inc/mod/pages.php fil...

CVE-2026-0567

A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2026-0567

A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2026-0567 code-projects Content Management System pages.php sql injection

A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

EUVD-2017-8728

Malware in sbrugna...

EUVD-2008-3847

Malware in sbrugna...

CVE-2011-5309

Cross-site scripting XSS vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

CVE-2025-0537 code-projects Car Rental Management System manage-pages.php cross site scripting

A vulnerability, which was classified as problematic, has been found in code-projects Car Rental Management System 1.0. This issue affects some unknown processing of the file /admin/manage-pages.php. The manipulation of the argument pgdetails leads to cross site scripting. The attack may be...

CVE-2024-6949

A vulnerability classified as problematic was found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Affected by this vulnerability is an unknown functionality of the file /pages.php?edit=News. The manipulation leads to path traversal. The attack can be launched remotely. The exploi...

CVE-2023-48987

Blind SQL Injection vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component...

CVE-2023-48987

Blind SQL Injection vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component...

CVE-2023-52285

ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php sscore2 parameter...

CVE-2023-52285

ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php sscore2 parameter...

CVE-2023-52285

ExamSys 9150244 is affected by CVE-2023-52285, with a SQL Injection vulnerability via the /Support/action/Pages.php s_score2 parameter. Evidence from multiple sources confirms the issue and a CVSSv3.1 base score of 7.5 (HIGH). Connected details indicate the problem stems from unsanitized input in...

CVE-2023-6614 Typecho Page manage-pages.php backdoor

A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerability is an unknown functionality of the file /admin/manage-pages.php of the component Page Handler. The manipulation leads to backdoor. The attack can be launched remotely. The exploit has been disclos...

CVE-2023-6614

CVE-2023-6614 concerns Typecho 1.2.1. The vulnerability affects the file /admin/manage-pages.php in the Page Handler component, where manipulation can lead to a backdoor. Exploitation can be performed remotely, and the public exploit has been disclosed. Multiple references corroborate Typecho 1.2...

Pixelimity cross-site scripting vulnerability

Pixelimity is a PHP-based CMS Content Management System.A cross-site scripting vulnerability exists in Pixelimity version 1.0, which stems from a lack of data validation filtering of user-supplied and output data in the Title field of admin/pages.php. An attacker could exploit the vulnerability t...