93333 matches found
CVE-2019-25542
Netartmedia Real Estate Portal 5.0 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the useremail parameter. Attackers can send POST requests to index.php with malicious payloads in the useremail field to...
CVE-2019-25542
CVE-2019-25542 affects Netartmedia Real Estate Portal 5.0. The vulnerability is an SQL injection in the user_email parameter of index.php, exploitable by unauthenticated attackers to manipulate database queries. The attack can bypass authentication and potentially extract sensitive data or modify...
CVE-2019-25541 Netartmedia PHP Mall 4.1 Multiple SQL Injection
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...
CVE-2019-25541 Netartmedia PHP Mall 4.1 Multiple SQL Injection
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...
CVE-2019-25541
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. The affected vectors include id in index.php and Email in loginaction.php, enabling time-based blind payloads to extract sen...
CVE-2019-25541
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...
CVE-2019-25540 Netartmedia PHP Mall 4.1 Multiple SQL Injection
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attackers can craft malicious requests with SQL payloads to extract sensitive database information includi...
CVE-2019-25540 Netartmedia PHP Mall 4.1 Multiple SQL Injection
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attackers can craft malicious requests with SQL payloads to extract sensitive database information includi...
CVE-2019-25540
Netartmedia PHP Mall 4.1 is affected by multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries via various parameters. The attacks can exfiltrate sensitive data, including user credentials and system information. The description does not specify...
CVE-2019-25539
CVE-2019-25539 affects 202CMS v10 beta. The vulnerability is a blind, time-based SQL injection in the log_user parameter via POST to index.php, exploitable by unauthenticated attackers to extract sensitive database information. Impact details from the entry indicate high confidentiality impact an...
CVE-2019-25535 Netartmedia PHP Dating Site SQL Injection via loginaction.php
Netartmedia PHP Dating Site contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with time-based SQL injection payloads in the Email field ...
CVE-2019-25533
Netartmedia PHP Business Directory 4.2 is affected by an SQL injection in the loginaction.php Email field, enabling unauthenticated attackers to manipulate database queries. This can lead to sensitive data disclosure and potential authentication bypass. The vulnerability impact is described as hi...
CVE-2019-25532 Netartmedia Jobs Portal 6.1 SQL Injection via loginaction.php
Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with crafted SQL payloads in the Email field to extract...
CVE-2019-25530 uHotelBooking System Lastest SQL Injection via system_page Parameter
uHotelBooking System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the systempage GET parameter. Attackers can send crafted requests to index.php with malicious systempage values using time-based blind SQ...
CVE-2019-25524
CVE-2019-25524 affects XooGallery Latest and is caused by an SQL injection in the p parameter to results.php. The vulnerability allows unauthenticated attackers to manipulate database queries, potentially bypassing authentication, extracting sensitive data, or modifying data. Exploitation details...
CVE-2019-25523
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to cat.php with malicious catid values to bypass authentication, extract sensitive data...
CVE-2019-25522
XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through the photoid parameter. Attackers can send GET requests to photo.php with malicious photoid values to extract sensitive data, bypass...
CVE-2019-25521 XooGallery Lastest Latest SQL Injection via gal.php gal_id
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galid parameter. Attackers can send GET requests to gal.php with malicious galid values to extract sensitive database information or...
CVE-2019-25521 XooGallery Lastest Latest SQL Injection via gal.php gal_id
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galid parameter. Attackers can send GET requests to gal.php with malicious galid values to extract sensitive database information or...
CVE-2019-25517
The CVE covers Jettweb PHP Hazir Haber Sitesi Scripti V1 with an SQL injection vulnerability in the haberarsiv.php script. The vulnerability is triggered via the cid parameter, allowing unauthenticated attackers to perform UNION-based injections to extract sensitive database information or modify...