PHPSHE 1.7 - SQL Injection

A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication. id: CVE-2019-9762 info: name: PHPSHE 1.7 - SQL Injection author: DhiyaneshDK severity: critical description: | A SQL Injection was...

CVE-2018-18485

An issue was discovered in PHPSHE 1.7. admin.php?mod=db=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to reload the product by deleting install.lock...

EUVD-2020-11072

Malware in sbrugna...

EUVD-2019-19124

Malware in sbrugna...

EUVD-2019-16265

Malware in sbrugna...

EUVD-2020-10142

Malware in sbrugna...

EUVD-2019-16266

Malware in sbrugna...

EUVD-2018-20551

Malware in sbrugna...

EUVD-2019-18997

Malware in sbrugna...

EUVD-2018-10211

Malware in sbrugna...

EUVD-2018-10210

Malware in sbrugna...

EUVD-2025-10865

Malicious code in bioql PyPI...

EUVD-2022-29043

Malicious code in bioql PyPI...

EUVD-2025-10871

Malicious code in bioql PyPI...

CVE-2022-24132

phpshe V1.8 is affected by a denial of service DoS attack in the registry's verification code, which can paralyze the target service...

CVE-2020-18020

SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "userphone" parameter of a crafted HTTP request to the "admin.php" component...

CVE-2020-18215

Multiple SQL Injection vulnerabilities in PHPSHE 1.7 in phpshe/admin.php via the 1 adid, 2 menuid, and 3 cashoutid parameters, which could let a remote malicious user execute arbitrary code...

CVE-2020-19165

PHPSHE 1.7 has SQL injection via the admin.php?mod=userid=1 userlevelid parameter...

CVE-2018-8943

There is a SQL injection in the PHPSHE 1.6 userbank parameter...

CVE-2019-9626

PHPSHE 1.7 allows module/index/cart.php pintuanid SQL Injection to index.php...