CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2015/01/06 12:0 a.m.•2 views

phpMyRecipes category parameter SQL injection vulnerability

phpMyRecipes is a simple web-based recipe storage and retrieval application. A SQL injection vulnerability exists in the phpMyRecipes category parameter, which allows remote attackers to exploit the vulnerability by submitting a specially crafted SQL query to manipulate or obtain database data, d...

7.5CVSS8AI score0.00943EPSS

Exploits1References1

NVD•added 2015/01/02 7:59 p.m.•9 views

CVE-2014-9440

SQL injection vulnerability in browse.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the category parameter...

7.5CVSS8.3AI score0.00943EPSS

Prion•added 2015/01/02 7:59 p.m.•8 views

Sql injection

SQL injection vulnerability in browse.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the category parameter...

7.5CVSS9AI score0.00943EPSS

CVE•added 2015/01/02 7:0 p.m.•33 views

CVE-2014-9440

The CVE-2014-9440 issue affects phpMyRecipes 1.2.2, where a SQL injection vulnerability exists in browse.php via the category parameter. The root cause is inadequate input validation/filtering of the category parameter, allowing remote attackers to append arbitrary SQL commands. Consequences desc...

7.5CVSS8.7AI score0.00943EPSS

Cvelist•added 2015/01/02 7:0 p.m.•12 views

CVE-2014-9440

SQL injection vulnerability in browse.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the category parameter...

8.3AI score0.00943EPSS

exploitpack•added 2014/12/23 12:0 a.m.•35 views

PHPMyRecipes 1.2.2 - browse.php?category SQL Injection

PHPMyRecipes 1.2.2 - browse.php?category SQL Injection Exploit Title : phpMyRecipes 1.2.2 SQL injectionpage browse.php, parameter category Author : Manish Kishan Tanwar Download Link : http://prdownloads.sourceforge.net/php-myrecipes/phpMyRecipes-1.2.2.tar.gz?download Date : 23/12/2014 Discovered...

0.4AI score

OpenVAS•added 2014/12/15 12:0 a.m.•13 views

phpMyRecipes 'words_exact' Parameter SQL injection vulnerability

phpMyRecipes is prone to multiple SQL injection vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.00943EPSS

Exploits2References4

NVD•added 2014/12/08 4:59 p.m.•6 views

CVE-2014-9347

SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the wordsexact parameter...

7.5CVSS8.3AI score0.00546EPSS

Prion•added 2014/12/08 4:59 p.m.•11 views

Sql injection

SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the wordsexact parameter...

7.5CVSS9AI score0.00546EPSS

Cvelist•added 2014/12/08 4:0 p.m.•13 views

CVE-2014-9347

SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the wordsexact parameter...

8.3AI score0.00546EPSS

CVE•added 2014/12/08 4:0 p.m.•38 views

CVE-2014-9347

CVE-2014-9347 documents a SQL injection in phpMyRecipes 1.2.2, specifically in dosearch.php via the words_exact parameter. The vulnerability enables remote attackers to execute arbitrary SQL commands, with the impact described as partial confidentiality, integrity, and availability. Affected comp...

7.5CVSS8.7AI score0.00546EPSS

Dsquare•added 2014/11/30 12:0 a.m.•82 views

phpMyRecipes 1.2.2 dosearch.php SQL Injection

SQL Injection vulnerabilty in phpMyRecipes dosearch.php Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

0.5AI score

Exploits0References1

exploitpack•added 2014/11/25 12:0 a.m.•12 views

PHPMyRecipes 1.2.2 - dosearch.php?words_exact SQL Injection

PHPMyRecipes 1.2.2 - dosearch.php?wordsexact SQL Injection !/usr/bin/python import httplib from bs4 import BeautifulSoup import re import os Function that takes an SQL select statement and inject it into the wordsexact variable of dosearch.php Returns BeautifulSoup object def sqliselect: inject =...

0.5AI score

0day.today•added 2014/11/25 12:0 a.m.•18 views

phpMyRecipes 1.2.2 SQL Injection Exploit

phpMyRecipes 1.2.2 dosearch.php, wordsexact param - SQL Injection phpMyRecipes 1.2.2 dosearch.php, wordsexact param - SQL Injection Exploit !/usr/bin/python import httplib from bs4 import BeautifulSoup import re import os Function that takes an SQL select statement and inject it into the wordsexa...

8AI score

Exploit DB•added 2014/11/25 12:0 a.m.•21 views

PHPMyRecipes 1.2.2 - 'dosearch.php?words_exact' SQL Injection

!/usr/bin/python import httplib from bs4 import BeautifulSoup import re import os Function that takes an SQL select statement and inject it into the wordsexact variable of dosearch.php Returns BeautifulSoup object def sqliselect: inject = '"' IN BOOLEAN MODE UNION ' + select + '' body =...

7.4AI score

seebug.org•added 2014/07/01 12:0 a.m.•18 views

phpMyRecipes 1.2.2 (viewrecipe.php, r_id param) - SQL Injection Vulnerability

No description provided by source. phpMyRecipes 1.2.2 SQL Injection Exploit By cr4wl3r http://bastardlabs.info Script: http://sourceforge.net/projects/php-myrecipes/files/ Demo: http://bastardlabs.info/demo/phpMyRecipes.png Tested: Ubuntu Linux Bugs found in viewrecipe.php $rid = $GET'rid'; if !...

7.1AI score