Lucene search
K

543 matches found

CNVD
CNVD
added 2022/08/24 12:0 a.m.24 views

Bluecms has an unspecified vulnerability (CNVD-2022-59211)

BlueCMS is a content management system CMS based on PHP and MySQL. a security vulnerability exists in BlueCMS version 1.6, which stems from an SQL injection in line 132 of admin/area.php. No details of the vulnerability are currently available...

9.8CVSS3AI score0.14423EPSS
Exploits1References1
CNVD
CNVD
added 2022/08/12 12:0 a.m.18 views

SQL injection vulnerability exists in RPCMS (CNVD-2022-64953)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL.RPCMS is vulnerable to SQL injection, which can be exploited by attackers to obtain sensitive database information...

2.4AI score
Exploits0
CNVD
CNVD
added 2022/08/12 12:0 a.m.20 views

SQL injection vulnerability exists in RPCMS (CNVD-2022-61944)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL.RPCMS is vulnerable to SQL injection, which can be exploited by attackers to obtain sensitive database information...

2.4AI score
Exploits0
CNVD
CNVD
added 2022/06/27 12:0 a.m.37 views

74cmsSE SQL Injection Vulnerability (CNVD-2022-61442)

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from a lack of validation of externally entered SQL statements in the /home/job/map keyword parameter. An attacker could use this vulnerability to execute illega...

7.5CVSS2.7AI score0.00901EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.26 views

74cmsSE SQL Injection Vulnerability (CNVD-2022-61440)

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from the lack of validation of external input SQL statements in the /freelance/resumelist keyword parameter. An attacker could use this vulnerability to execute...

7.5CVSS2.7AI score0.00901EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.31 views

74cmsSE SQL Injection Vulnerability (CNVD-2022-61443)

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE suffers from a SQL injection vulnerability, which originates from a keyword parameter in /home /jobfairol/resumelist that lacks validation for external input SQL statements. An attacker could use this...

7.5CVSS4.7AI score0.00987EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.29 views

74cmsSE SQL Injection Vulnerability (CNVD-2022-61441)

74cmsSE is a free, open source professional recruiting system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from a lack of validation of externally entered SQL statements in the /home/job/index keyword parameter. An attacker could use this vulnerability to execute...

7.5CVSS2.8AI score0.00901EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/27 12:0 a.m.37 views

74cmsSE SQL Injection Vulnerability

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from a lack of validation of externally entered SQL statements in the /home/resume/index keyword parameter. An attacker could use this vulnerability to execute...

7.5CVSS2.7AI score0.00901EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/13 12:0 a.m.14 views

SQL Injection Vulnerability in mymps Backend

mymps is a php mysql based website builder. SQL injection vulnerability exists in mymps backend, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2022/05/18 12:0 a.m.26 views

GNUBOARD5 Cross-Site Scripting Vulnerability (CNVD-2022-70083)

GNUBOARD5 is a PHP and MySQL-based Web forum system. GNUBOARD5 versions 5.55 and 5.56 are vulnerable to a cross-site scripting vulnerability, which originates in bbs/memberconfirm.php and lacks a data validation filter for user-supplied data and output. An attacker could exploit this vulnerabilit...

4.3CVSS3.4AI score0.0067EPSS
Exploits1Affected Software1
Cvelist
Cvelist
added 2022/04/28 2:0 p.m.26 views

CVE-2022-28102

A cross-site scripting XSS vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php...

5.5AI score0.00473EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/04/28 12:0 a.m.6 views

PT-2022-18810 · Unknown · Php Mysql Admin Panel Generator

Name of the Vulnerable Software and Affected Versions: PHP MySQL Admin Panel Generator version 1 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at the "/edit-db.php" API endpoint. This enables attackers to...

5.4CVSS5.6AI score0.00473EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2022/03/24 12:0 a.m.291 views

Online Sports Complex Booking System 1.0 SQL Injection

Exploit Title: Online Sports Complex Booking System - 'id' Blind SQL Injection Date: 24/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/03/24 12:0 a.m.330 views

Online Sports Complex Booking System 1.0 Account Takeover

Exploit Title: Online Sports Complex Booking System - Account Takeover Unauthenticated Date: 24/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/11 12:0 a.m.293 views

Subrion CMS 4.2.1 Cross Site Request Forgery

Exploit Title: Subrion CMS 4.2.1 - Cross Site Request Forgery CSRF Add Amin Date: 2022-02-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://subrion.org Software Link: https://subrion.org/download Version: 4.2.1 Tested on: Windows 10 About - Subrion CMS : Subrion is a PHP/MySQL based C...

0.4AI score
Exploits0
CNVD
CNVD
added 2022/02/09 12:0 a.m.20 views

Sourcecodester Mobile Shop System in PHP MySQL Information Disclosure Vulnerability

Sourcecodester Mobile Shop System in PHP MySQL is an online ordering system for Gadget Works developed using PHP/MySQLi. The main goal of this online ordering system is to improve customer convenience. sourcecodester Mobile Shop System in PHP MySQL 1.0 is vulnerable due to a security flaw in the...

9.8CVSS1.2AI score0.01666EPSS
Exploits1References1
NVD
NVD
added 2022/01/28 4:15 p.m.17 views

CVE-2020-25905

An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in 1 login.php or 2 LoginAsAdmin.php...

9.8CVSS0.01666EPSS
Exploits1References2
CNVD
CNVD
added 2022/01/11 12:0 a.m.16 views

Changsha Mito Information Technology Company Limited MetInfo suffers from file upload vulnerability (CNVD-2022-08512)

MetInfo is a php MySQL for the development of enterprise building system. A file upload vulnerability exists in MetInfo of Changsha Mito Information Technology Company Limited, which can be exploited by attackers to gain control of the server...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/12/12 12:0 a.m.16 views

74 CMS Cross-Site Scripting Vulnerability (CNVD-2021-99667)

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Co. 74CMS has a cross-site scripting vulnerability in version v6.0.4, which originates from /index.php?m=&c=help&a=helplist&key missing a data validation filter for user-supplied data and output. An attacker coul...

6.1CVSS3.5AI score0.008EPSS
Exploits1References1
CNVD
CNVD
added 2021/11/08 12:0 a.m.26 views

Sourcecodester Online Event Booking and Reservation System HTML Injection Vulnerability

Sourcecodester Online Event Booking and Reservation System is developed using PHP, MySQL database, HTML, CSS, Javascript, Bootstrap and AdminLTE. The system can be accessed by three types of users, namely system administrators, students and teachers. Sourcecodester Online Event Booking and...

4.3CVSS1.2AI score0.03792EPSS
Exploits3References1
Rows per page
Query Builder