9 matches found
CVE-2020-37083
PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...
EUVD-2020-30992
PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...
CVE-2020-37083
PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...
CVE-2020-37083 addressbook 9.0.0.1 - 'id' SQL Injection
PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...
CVE-2020-37083 addressbook 9.0.0.1 - 'id' SQL Injection
PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...
PT-2026-5833
PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...
PHP Address Book SQL注入漏洞
PHP Address Book is a web-based contact management system developed by chatelao. Version 9.0.0.1 of PHP Address Book has a SQL injection vulnerability. This vulnerability stems from a time-based blind SQL injection in the photo.php endpoint. Attackers can extract information by injecting speciall...
PT-2025-7627 · Ghosts · Ghosts
Name of the Vulnerable Software and Affected Versions: GHOSTS versions 8.0.0.0 through 8.2.7.89 Description: A path traversal vulnerability was discovered in GHOSTS that allows an attacker to access files outside of the intended directory through the photo retrieval endpoint. The vulnerability...
Prison Management System 代码问题漏洞
Prison Management System is a prison management system by the individual developer Carlo Montero. A code issue vulnerability exists in SourceCodester Prison Management System version 1.0, which stems from the parameter userImage in the file /Employee/edit-photo.php that can lead to unrestricted...