WWBN AVideo SQL注入漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 26.0 contained a SQL injection vulnerability. This vulnerability stems from the getLike method in objects/like.php, which directly appends the videosid value to the SQL que...

EUVD-2022-54225

Malicious code in bioql PyPI...

CVE-2025-44608

CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter...

CVE-2025-44608

CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter...

CVE-2025-44608

CVE-2025-44608 affects CloudClassroom-PHP Project version 1.0, with a SQL injection vulnerability injectable via the viewid parameter. Root cause: unvalidated input in viewid leads to SQL injection. Practical impact stated in connected docs includes potential remote code execution (RCE) demonstra...

CVE-2015-10097

A vulnerability was found in grinnellplans-php up to 3.0. It has been declared as critical. Affected by this vulnerability is the function interfacedisppage/interfacedisppage of the file read.php. The manipulation leads to sql injection. The attack can be launched remotely. The identifier of the...

CVE-2024-13204

A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /blog-details.php. The manipulation of the argument blogid leads to sql injection. The attack can be launched remotely. The...

CVE-2024-13205

A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/createproduct.php of the component Create Product Page. The manipulation of the argument Name leads to cross site scripting. Th...

CVE-2024-13205

CVE-2024-13205 affects kurniaramadhan E-Commerce-PHP v1.0. The /admin/create_product.php Create Product Page vulnerable to XSS via manipulation of the Name parameter. Exploitable remotely; exploit disclosed publicly; vendor did not respond. A publicly stated workaround from PT-Security recommends...

CVE-2024-13205 kurniaramadhan E-Commerce-PHP Create Product Page create_product.php cross site scripting

A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/createproduct.php of the component Create Product Page. The manipulation of the argument Name leads to cross site scripting. Th...

CVE-2019-10708

S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter...

DataLife Engine <= 4.1 - Remote SQL Injection Exploit (php)

No description provided by source. ?php errorreporting EERROR; inisetmaxexecutiontime,0; echo ' +========================================+ | RST/GHC Datalife SQL injection exploit | +========================================+ Lite Version for DLE =4.1 '; if $argc 2 print Usage: . $argv0 . host use...

XMB <= 1.9.6 (u2uid) Remote SQL Injection Exploit (mq=off)

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo XMB = 1.9.6 'u2uid' SQL injection / admin credentials disclosure\n; echo by rgod [email protected]\n; echo site: http://retrogod.altervista.org\n; echo dork: \Powered by XMB\n\n; / works with magicquotes=off Mysql = 4....

Coppermine Photo Gallery <= 1.4.10 Remote SQL Injection Exploit

No description provided by source. !/usr/bin/php ?php if$argc 4 print \n---------------------------------------------------------; print \nAffected.scr..: Coppermine Photo Gallery = 1.4.10; print \nPoc.ID........: 19070104; print \nType..........: SQL Injection; print \nRisk.level....: Medium;...

phpscripte24 Shop System SQL Injection Vulnerability Exploit

No description provided by source...

Notepad Dog microblogging V3. 6. 1 Build 2 0 A 1 2 0 7 1 8 background to get shell-vulnerability warning-the black bar safety net

Notepad Dog microblogging system, the background presence of design defects that can lead to get backstage access to the shell Version: V3. 6. 1 Build 2 0 a 1 2 0 7 1 8 1. System Tools-data backup-custom backup-select a data amount smaller table-more options-select compress backup...

PHP SQL Server (MSSQL) Query Analyzer Remote Code Execution

Exploit for php platform in category web applications ?php / +------------------------------------------------------------------+ + PHP SQL Server MSSQL Query Analyzer Remote Code Execution + +------------------------------------------------------------------+ Web-App : PHP SQL Server MSSQL Query...

Brand PHP SQL Injection

Exploit Title: Brand PHP SQL Injection Author: Th4 MasK Contact to ; [email protected] Date : 19.01.2012 Platform : Php Dork: brand.php?id= Demo Site : http://www.mirabell.com.hk/brand.php?id=2SQL http://www.seikocan.com/brand.php?id=51SQL http://www.vmax-services.com/brand.php?id=11SQL...

Loop &#40;ricetta.php?id&#41; Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Loop ricetta.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.loopmm.com/ Persian Gulf 4 Ever! Dork : "Loop - creazioni multimediali" "inurl:ricetta.php?id="...

Shift E-Business Blind SQL Injection

======================================================= Shift E-Business - Blind SQL Injection Vulnerabilities ======================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 3 3 3 3 7 /' \ /'\ /'\ /\ \ /\ /\ \ 7 1 /, /\L\ \ /\L...