258 matches found
CVE-2019-16704
admin/infoclassupdate.php in PHPMyWind 5.6 has stored XSS...
CVE-2019-16703
CVE-2019-16703 affects PHPMyWind 5.6, where the vulnerability is a stored cross-site scripting flaw in the admin/infolist_add.php file. The root cause is insufficient validation of client-side data, allowing an attacker to inject and execute arbitrary script when the page is accessed or when data...
CVE-2019-16703
admin/infolistadd.php in PHPMyWind 5.6 has stored XSS...
PHPMyWind Cross-Site Scripting Vulnerability (CNVD-2019-35827)
PHPMyWind is a set of PHP and MySQL-based and W3C-compliant enterprise website building solutions. A cross-site scripting vulnerability exists in the admin/infoclassupdate.php file in version 5.6 of PHPMyWind, which stems from the lack of proper validation of client-side data in the WEB applicati...
PHPMyWind Cross-Site Scripting Vulnerability (CNVD-2019-35825)
PHPMyWind is a set of PHP and MySQL-based and W3C-compliant enterprise website building solutions. A cross-site scripting vulnerability exists in the admin/infolistadd.php file in version 5.6 of PHPMyWind, which stems from the lack of proper validation of client-side data in the WEB application a...
SQL Injection Vulnerability in PHPMywind in***_s***.php File
PHPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A SQL injection vulnerability exists in the PHPMywind ins.php file, which can be exploited by an attacker to obtain sensitive database information...
SQL Injection Vulnerability in PHPMyWind s***_s***.php File
PHPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A SQL injection vulnerability exists in the PHPMyWind ss.php file. An attacker can exploit this vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in PHPMyWind g****_s***.php File
PHPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A SQL injection vulnerability exists in the PHPMyWind gs.php file. An attacker can exploit the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in PHPMyWind infoi**_s***.php File
PHPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A SQL injection vulnerability exists in the PHPMyWind infois.php file. An attacker can exploit the vulnerability to obtain sensitive database information...
Command execution vulnerability in the PHPMyWind s***_s***.php file
PHPMyWind is a PHP MySQL-based development , W3C-compliant building engine . A code execution vulnerability exists in the ss.php file of PHPMywind. An attacker can exploit the vulnerability to execute arbitrary code...
SQL Injection Vulnerability in PHPMywind's in**_u*****.php File
PHPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A SQL injection vulnerability exists in the inu.php file of PHPMywind. An attacker can exploit the vulnerability to obtain sensitive database information...
PHPMyWind Cross-Site Scripting Vulnerability
PHPMyWind is a PHP + MySQL based development , W3C standard building engine . A cross-site scripting vulnerability exists in PHPMyWind. The vulnerability is due to the username parameter of /install/index.php in PHPMyWind 5.5 fails to effectively filter user-submitted data, which can be exploited...
PHPMyWind data/api/oauth/connect.php reflective cross-site scripting vulnerability
PHPMyWind is a PHP + MySQL based development , W3C standard building engine . A reflective cross-site scripting vulnerability exists in PHPMyWind data/api/oauth/connect.php. An attacker can exploit the vulnerability to obtain sensitive information such as user cookies...
CVE-2019-7660
An issue was discovered in PHPMyWind 5.5. The username parameter of the /install/index.php page has a stored Cross-site Scripting XSS vulnerability, as demonstrated by admin/login.php...
CVE-2019-7661
An issue was discovered in PHPMyWind 5.5. The method parameter of the data/api/oauth/connect.php page has a reflected Cross-site Scripting XSS vulnerability...
CVE-2019-7661
An issue was discovered in PHPMyWind 5.5. The method parameter of the data/api/oauth/connect.php page has a reflected Cross-site Scripting XSS vulnerability...
CVE-2019-7660
An issue was discovered in PHPMyWind 5.5. The username parameter of the /install/index.php page has a stored Cross-site Scripting XSS vulnerability, as demonstrated by admin/login.php...
Cross site scripting
An issue was discovered in PHPMyWind 5.5. The username parameter of the /install/index.php page has a stored Cross-site Scripting XSS vulnerability, as demonstrated by admin/login.php...
Cross site scripting
An issue was discovered in PHPMyWind 5.5. The method parameter of the data/api/oauth/connect.php page has a reflected Cross-site Scripting XSS vulnerability...
CVE-2019-7660
An issue was discovered in PHPMyWind 5.5. The username parameter of the /install/index.php page has a stored Cross-site Scripting XSS vulnerability, as demonstrated by admin/login.php...