Lucene search
K

544 matches found

CNNVD
CNNVD
added 2022/12/09 12:0 a.m.5 views

S-CMS 跨站脚本漏洞

S-CMS is a PHP and MySQL based Content Management System CMS from S-CMS China. A security vulnerability exists in S-CMS version 5.0 Build 20220328. An attacker can exploit the vulnerability to perform cross-site scripting attacks...

5.4CVSS5.5AI score0.00365EPSS
Exploits0References3
CNVD
CNVD
added 2022/08/24 12:0 a.m.24 views

Bluecms has an unspecified vulnerability (CNVD-2022-59211)

BlueCMS is a content management system CMS based on PHP and MySQL. a security vulnerability exists in BlueCMS version 1.6, which stems from an SQL injection in line 132 of admin/area.php. No details of the vulnerability are currently available...

9.8CVSS3AI score0.14423EPSS
Exploits1References1
CNVD
CNVD
added 2022/08/12 12:0 a.m.18 views

SQL injection vulnerability exists in RPCMS (CNVD-2022-64953)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL.RPCMS is vulnerable to SQL injection, which can be exploited by attackers to obtain sensitive database information...

2.4AI score
Exploits0
CNVD
CNVD
added 2022/08/12 12:0 a.m.20 views

SQL injection vulnerability exists in RPCMS (CNVD-2022-61944)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL.RPCMS is vulnerable to SQL injection, which can be exploited by attackers to obtain sensitive database information...

2.4AI score
Exploits0
CNVD
CNVD
added 2022/06/27 12:0 a.m.32 views

74cmsSE SQL Injection Vulnerability (CNVD-2022-61443)

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE suffers from a SQL injection vulnerability, which originates from a keyword parameter in /home /jobfairol/resumelist that lacks validation for external input SQL statements. An attacker could use this...

7.5CVSS4.7AI score0.0101EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.37 views

74cmsSE SQL Injection Vulnerability

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from a lack of validation of externally entered SQL statements in the /home/resume/index keyword parameter. An attacker could use this vulnerability to execute...

7.5CVSS2.7AI score0.00923EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.30 views

74cmsSE SQL Injection Vulnerability (CNVD-2022-61441)

74cmsSE is a free, open source professional recruiting system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from a lack of validation of externally entered SQL statements in the /home/job/index keyword parameter. An attacker could use this vulnerability to execute...

7.5CVSS2.8AI score0.00923EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.37 views

74cmsSE SQL Injection Vulnerability (CNVD-2022-61442)

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from a lack of validation of externally entered SQL statements in the /home/job/map keyword parameter. An attacker could use this vulnerability to execute illega...

7.5CVSS2.7AI score0.00923EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.27 views

74cmsSE SQL Injection Vulnerability (CNVD-2022-61440)

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from the lack of validation of external input SQL statements in the /freelance/resumelist keyword parameter. An attacker could use this vulnerability to execute...

7.5CVSS2.7AI score0.00923EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/13 12:0 a.m.14 views

SQL Injection Vulnerability in mymps Backend

mymps is a php mysql based website builder. SQL injection vulnerability exists in mymps backend, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2022/05/18 12:0 a.m.26 views

GNUBOARD5 Cross-Site Scripting Vulnerability (CNVD-2022-70083)

GNUBOARD5 is a PHP and MySQL-based Web forum system. GNUBOARD5 versions 5.55 and 5.56 are vulnerable to a cross-site scripting vulnerability, which originates in bbs/memberconfirm.php and lacks a data validation filter for user-supplied data and output. An attacker could exploit this vulnerabilit...

4.3CVSS3.4AI score0.0067EPSS
Exploits1Affected Software1
Cvelist
Cvelist
added 2022/04/28 2:0 p.m.28 views

CVE-2022-28102

A cross-site scripting XSS vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php...

5.5AI score0.00466EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/04/28 12:0 a.m.6 views

PT-2022-18810 · Unknown · Php Mysql Admin Panel Generator

Name of the Vulnerable Software and Affected Versions: PHP MySQL Admin Panel Generator version 1 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at the "/edit-db.php" API endpoint. This enables attackers to...

5.4CVSS5.6AI score0.00466EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2022/03/24 12:0 a.m.293 views

Online Sports Complex Booking System 1.0 SQL Injection

Exploit Title: Online Sports Complex Booking System - 'id' Blind SQL Injection Date: 24/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/03/24 12:0 a.m.333 views

Online Sports Complex Booking System 1.0 Account Takeover

Exploit Title: Online Sports Complex Booking System - Account Takeover Unauthenticated Date: 24/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/11 12:0 a.m.293 views

Subrion CMS 4.2.1 Cross Site Request Forgery

Exploit Title: Subrion CMS 4.2.1 - Cross Site Request Forgery CSRF Add Amin Date: 2022-02-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://subrion.org Software Link: https://subrion.org/download Version: 4.2.1 Tested on: Windows 10 About - Subrion CMS : Subrion is a PHP/MySQL based C...

0.4AI score
Exploits0
CNVD
CNVD
added 2022/02/09 12:0 a.m.20 views

Sourcecodester Mobile Shop System in PHP MySQL Information Disclosure Vulnerability

Sourcecodester Mobile Shop System in PHP MySQL is an online ordering system for Gadget Works developed using PHP/MySQLi. The main goal of this online ordering system is to improve customer convenience. sourcecodester Mobile Shop System in PHP MySQL 1.0 is vulnerable due to a security flaw in the...

9.8CVSS1.2AI score0.01666EPSS
Exploits1References1
NVD
NVD
added 2022/01/28 4:15 p.m.17 views

CVE-2020-25905

An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in 1 login.php or 2 LoginAsAdmin.php...

9.8CVSS0.01666EPSS
Exploits1References2
CNVD
CNVD
added 2022/01/11 12:0 a.m.16 views

Changsha Mito Information Technology Company Limited MetInfo suffers from file upload vulnerability (CNVD-2022-08512)

MetInfo is a php MySQL for the development of enterprise building system. A file upload vulnerability exists in MetInfo of Changsha Mito Information Technology Company Limited, which can be exploited by attackers to gain control of the server...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/12/12 12:0 a.m.16 views

74 CMS Cross-Site Scripting Vulnerability (CNVD-2021-99667)

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Co. 74CMS has a cross-site scripting vulnerability in version v6.0.4, which originates from /index.php?m=&c=help&a=helplist&key missing a data validation filter for user-supplied data and output. An attacker coul...

6.1CVSS3.5AI score0.008EPSS
Exploits1References1
Rows per page
Query Builder