110 matches found
DEBIAN-CVE-2019-7334
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view export export.php because proper filtration is omitted...
SQL injection vulnerability in sh***.php page of website building system of Hainan Creative Future Culture Media Co.
Hainan Creative Future Culture Media Co., Ltd. is an excellent media enterprise engaged in brand one-stop service e-commerce advertising consulting services. There is a SQL injection vulnerability in the sh.php page of the website system of Hainan Creative Future Culture Media Co., Ltd. that can ...
SQL Injection Vulnerability in emlog v5.3.1 Backend ta***.php Page
Short for every memory log, emlog is a PHP and MySQL based blog and CMS builder. emlog v5.3.1 SQL injection vulnerability exists in the backend ta.php page, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in HuCart br***.php Page
HuCart is a PHP+Mysql based enterprise building system CMS that can run on various server platforms such as Linux and Windows. A SQL injection vulnerability exists in the HuCart br.php page, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in ThinkCMF 2.2.3 cl***.php Page
ThinkCMF is a Chinese content management framework based on PHP+MYSQL. A SQL injection vulnerability exists in the ThinkCMF 2.2.3 cl.php page. An attacker can exploit this vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in emlog v6.0.0 Backend co***.php Page
Short for every memory log, emlog is a PHP and MySQL based blog and CMS builder. A SQL injection vulnerability exists in the emlog v6.0.0 backend co.php page. An attacker can exploit the vulnerability to obtain sensitive database information...
HuCart front-end aj***_ar***.php page has SQL injection vulnerability
HuCart HuCart is an open source enterprise building system. HuCart 5.7.4 version of the front ajar.php page there is a SQL injection vulnerability , remote attackers can exploit the vulnerability to obtain sensitive database information...
Wordpress plugin Wordfence 503.php page cross-site scripting vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress plugin Wordfence 503.php page, which can be exploited by an...
PbootCMS V1.1.7 SQL Injection Vulnerability in Sl***.php Page
PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 SQL injection vulnerability exists in Sl.php page. An attacker can exploit the vulnerability to obtain sensitive information in the database...
PbootCMS V1.1.7 SQL Injection Vulnerability in Li***.php Page
PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 Li.php page SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...
PbootCMS V1.1.7 SQL Injection Vulnerability in Co***.php Page
PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 Co.php page has a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...
SQL injection vulnerability in the se***.php page of the Leader Mailbox module of the SMiCMS school group system
State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS school group system leadership mailbox module se.php page SQL injection vulnerability. Attackers can use the vulnerability to...
SQL Injection Vulnerability in ESPCMS Enterprise Website Management System V6.7.17.08.07 sh***.php Page
ESPCMS enterprise website management system is based on LAMP development and construction of enterprise website management system. ESSENCE ESPCMS Enterprise Website Management System V6.7.17.08.07 SQL injection vulnerability exists in the sh.php page. An attacker can exploit the vulnerability to...
SQL Injection Vulnerability in Five Fingers CMS v4.1.0 index.php Page
Five Fingers CMS is a high-performance open source content management system that supports LNAMP architecture. Five Fingers CMS v4.1.0 index.php page SQL injection vulnerability. Allow attackers to exploit the vulnerability to obtain sensitive database information...
Code execution vulnerability in QYKCMS backend down.php page
QYKCMS is a lightweight intelligent website building system based on PHP+MySql developed by QYK. A code execution vulnerability exists in the QYKCMS background down.php page. An attacker can exploit the vulnerability to execute script code and obtain server control privileges...
SQL Injection Vulnerability in JYmusic AlbumController.php Page
JYmusic is an open source cross-platform music management system. A SQL injection vulnerability exists in the JYmusic AlbumController.php page. Allow attackers to exploit the vulnerability to obtain sensitive database information...
SQL injection vulnerability in the nav_id parameter of the arc.php page of the Yuntrun website builder system
Yuntrue United website builder system is a website builder system SQL injection vulnerability exists in the navid parameter on the arc.php page of the Yuntrun website builder system, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Webkravat Content Management System ic.php Page
Webkrava is a small cms system by php+mysql. A SQL injection vulnerability exists in the ic.php page of the Webkravat content management system. The lack of filtering of the 'id' parameter allows an attacker to exploit the vulnerability to obtain sensitive information about the database...
EasyNetSites 'name.php' Page Cross-Site Scripting Vulnerability
EasyNetSites is a WEB-based tool for managing organizational relationships on websites. A cross-site scripting vulnerability exists in the as parameter of the name.php page of EasyNetSites, which can be exploited by an attacker to steal cookie-based authentication or inject malicious script...
Remote Command Execution Vulnerability in the IG_dir Parameter in Kingsoft KingGate Firewall schedule.php Page
KingGate Firewall is a firewall product. A remote command execution vulnerability exists in the IGdir parameter in the schedule.php page of Kingsoft KingGate Firewall. It allows an attacker to execute system commands by submitting a POST request as: IGoperation=IGdelete&IGcheckbox=1...