Lucene search
K

9 matches found

NVD
NVD
added 2026/02/03 10:16 p.m.7 views

CVE-2020-37083

PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...

8.8CVSS0.00302EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/03 10:1 p.m.4 views

EUVD-2020-30992

PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...

8.8CVSS5.8AI score0.00302EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/03 10:1 p.m.3 views

CVE-2020-37083

PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...

8.8CVSS5.8AI score0.00302EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 10:1 p.m.3 views

CVE-2020-37083 addressbook 9.0.0.1 - 'id' SQL Injection

PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...

8.8CVSS5.8AI score0.00302EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/03 10:1 p.m.30 views

CVE-2020-37083 addressbook 9.0.0.1 - 'id' SQL Injection

PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...

8.8CVSS0.00302EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.5 views

PT-2026-5833

PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php...

8.8CVSS5.9AI score0.00302EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

PHP Address Book SQL注入漏洞

PHP Address Book is a web-based contact management system developed by chatelao. Version 9.0.0.1 of PHP Address Book has a SQL injection vulnerability. This vulnerability stems from a time-based blind SQL injection in the photo.php endpoint. Attackers can extract information by injecting speciall...

8.8CVSS5.9AI score0.00302EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/19 12:0 a.m.6 views

PT-2025-7627 · Ghosts · Ghosts

Name of the Vulnerable Software and Affected Versions: GHOSTS versions 8.0.0.0 through 8.2.7.89 Description: A path traversal vulnerability was discovered in GHOSTS that allows an attacker to access files outside of the intended directory through the photo retrieval endpoint. The vulnerability...

8.7CVSS6.8AI score0.00597EPSS
Exploits1References12
CNNVD
CNNVD
added 2024/05/05 12:0 a.m.3 views

Prison Management System 代码问题漏洞

Prison Management System is a prison management system by the individual developer Carlo Montero. A code issue vulnerability exists in SourceCodester Prison Management System version 1.0, which stems from the parameter userImage in the file /Employee/edit-photo.php that can lead to unrestricted...

8.8CVSS6.7AI score0.00857EPSS
Exploits1References5
Rows per page
Query Builder