76 matches found
CVE-2019-25730
Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to pages.php with crafted id values using error-based SQL injection techniques to...
CVE-2019-25730
Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to pages.php with crafted id values using error-based SQL injection techniques to...
CVE-2015-20119 RealtyScript 4.0.2 Stored Cross-Site Scripting via text Parameter in pages.php
Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious HTML and iframe elements through the text parameter in the pages.php admin interface. Attackers can submit POST requests to the add page action with...
CVE-2015-20119
CVE-2015-20119 affects RealtyScript 4.0.2 (Next Click Ventures). It is a stored cross-site scripting vulnerability in the pages.php admin interface: an authenticated attacker can submit crafted iframe payloads via the text parameter to the add page action, storing malicious content that executes ...
CVE-2026-2543
A vulnerability was identified in vichan-devel vichan up to 5.1.5. This vulnerability affects unknown code of the file inc/mod/pages.php of the component Password Change Handler. The manipulation of the argument Password leads to unverified password change. The attack can be initiated remotely. T...
vichan 授权问题漏洞
Vichan is an open-source PHP image panel developed by vichan-devel. Versions of Vichan 5.1.5 and earlier have a vulnerability related to authorization issues. This vulnerability stems from the handling of the Password parameter by the Password Change Handler component in the inc/mod/pages.php fil...
CVE-2026-0567
A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2026-0567
A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2026-0567 code-projects Content Management System pages.php sql injection
A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
EUVD-2008-3847
Malware in sbrugna...
EUVD-2017-8728
Malware in sbrugna...
CVE-2011-5309
Cross-site scripting XSS vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2025-0537 code-projects Car Rental Management System manage-pages.php cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Car Rental Management System 1.0. This issue affects some unknown processing of the file /admin/manage-pages.php. The manipulation of the argument pgdetails leads to cross site scripting. The attack may be...
CVE-2024-6949
A vulnerability classified as problematic was found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Affected by this vulnerability is an unknown functionality of the file /pages.php?edit=News. The manipulation leads to path traversal. The attack can be launched remotely. The exploi...
The functionality of the pages.php component in the Content Management System allows a hacker to execute arbitrary code or enhance their privileges.
The vulnerability of the pages.php component in the Content Management System software is related to the failure to implement measures to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code or gain increased privileges...
CVE-2023-48987
Blind SQL Injection vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component...
CVE-2023-48987
Blind SQL Injection vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component...
CVE-2023-52285
ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php sscore2 parameter...
CVE-2023-52285
ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php sscore2 parameter...
CVE-2023-52285
ExamSys 9150244 is affected by CVE-2023-52285, with a SQL Injection vulnerability via the /Support/action/Pages.php s_score2 parameter. Evidence from multiple sources confirms the issue and a CVSSv3.1 base score of 7.5 (HIGH). Connected details indicate the problem stems from unsanitized input in...