CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication...

9.8CVSS7.4AI score0.53524EPSS

Exploits1References1

CVE•added 2021/02/09 6:56 p.m.•42 views

CVE-2020-18215

PHPSHE 1.7 has multiple SQL injection vulnerabilities in phpshe/admin.php via ad_id, menu_id and cashout_id parameters. Root cause: unsanitized input enabling SQL injection and potential remote code execution. Impact: arbitrary code execution on affected servers per the CVE descriptions. No patch...

8.8CVSS9.2AI score0.00561EPSS

Exploits1References2Affected Software1

NVD•added 2020/12/11 7:15 p.m.•9 views

CVE-2020-19165

PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevelid=1 userlevelid parameter...

9.8CVSS9.9AI score0.0044EPSS

Exploits1References1

Prion•added 2020/12/11 7:15 p.m.•15 views

Sql injection

PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevelid=1 userlevelid parameter...

7.5CVSS9.8AI score0.0044EPSS

Exploits1References1Affected Software1

Cvelist•added 2020/12/11 7:2 p.m.•15 views

CVE-2020-19165

PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevelid=1 userlevelid parameter...

10AI score0.0044EPSS

Exploits1References1

Prion•added 2019/03/14 2:29 a.m.•8 views

Sql injection

A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication...

7.5CVSS9.8AI score0.53524EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/14 1:0 a.m.•13 views

CVE-2019-9762

A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication...

9.9AI score0.53524EPSS

Exploits1References1

Prion•added 2019/03/07 3:29 p.m.•9 views

Sql injection

PHPSHE 1.7 allows module/index/cart.php pintuanid SQL Injection to index.php...

7.5CVSS9.8AI score0.00245EPSS

Exploits1References1Affected Software1

NVD•added 2019/03/07 3:29 p.m.•10 views

CVE-2019-9626

PHPSHE 1.7 allows module/index/cart.php pintuanid SQL Injection to index.php...

9.8CVSS9.9AI score0.00245EPSS

Exploits1References1

Cvelist•added 2019/03/07 3:0 p.m.•13 views

CVE-2019-9626

PHPSHE 1.7 allows module/index/cart.php pintuanid SQL Injection to index.php...

9.9AI score0.00245EPSS

Exploits1References1

NVD•added 2019/01/23 7:29 p.m.•13 views

CVE-2019-6707

PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state productid parameter...

7.2CVSS7.5AI score0.00242EPSS

Exploits1References1

Prion•added 2019/01/23 7:29 p.m.•10 views

Sql injection

PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter...

6.5CVSS7.5AI score0.00242EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/01/23 7:0 p.m.•14 views

CVE-2019-6707

PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state productid parameter...

7.5AI score0.00242EPSS

Exploits1References1

Cvelist•added 2019/01/23 7:0 p.m.•15 views

CVE-2019-6708

PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter...

7.5AI score0.00242EPSS

Exploits1References1

CNVD•added 2018/10/19 12:0 a.m.•1 views

PHPSHE Arbitrary File Deletion Vulnerability

PHPSHE is an online shopping mall system. The system supports express tracking, online chat, order evaluation and statistics. A security vulnerability exists in the admin.php?mod=db&act=del script in PHPSHE version 1.7. A remote attacker can exploit this vulnerability to delete arbitrary files wi...

7.5CVSS7.7AI score0.00869EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by