268 matches found
CVE-2025-51654
SemCms v5.0 is vulnerable to SQL injection via the pid parameter in SEMCMS_Infocategories.php. Root cause: unsafely concatenated pid in SQL queries. Impact: potential data exposure or manipulation with at least low confidentiality/integrity risk per CVSS, no availability impact. Exploitation stat...
CVE-2025-51652
Summary: CVE-2025-51652 affects SemCms v5.0, where a SQL injection can be triggered via the pid parameter in SEMCMS_Categories.php. The vulnerability is confirmed across multiple sources (NVD, Red Hat, CVE list, PT Security, CNNVD, etc.). Impact: confidentiality and integrity impacts are listed a...
CVE-2025-51654
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMSInfocategories.php...
CVE-2025-51653
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMSct.php...
SEMCMS 安全漏洞
SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that supports multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of the pid parameter in SEMCMSInfocategories.php...
CVE-2025-51655
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMSQuanxian.php...
CVE-2025-51654
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMSInfocategories.php...
PT-2025-29495 · Semcms · Semcms
Name of the Vulnerable Software and Affected Versions: SemCms version 5.0 Description: SemCms version 5.0 contains a SQL injection vulnerability. The vulnerability is located in the pid parameter at the SEMCMS Quanxian.php file. Recommendations: As a mitigation, restrict access to the SEMCMS...
SEMCMS 安全漏洞
SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that support multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of the pid parameter in SEMCMSct.php...
PT-2025-29492 · Semcms · Semcms
Name of the Vulnerable Software and Affected Versions: SemCms version 5.0 Description: SemCms version 5.0 contains a SQL injection issue via the pid parameter at the SEMCMS Categories.php file. Recommendations: As a temporary workaround, consider restricting access to the SEMCMS Categories.php fi...
SEMCMS 安全漏洞
SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that supports multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of the pid parameter in SEMCMSCategories.php...
Online Shoe Store admin_product.php File SQL Injection Vulnerability
Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter pid in the file /admin/adminproduct.php. An attacker can exploit this vulnerability to...
Code-Projects Online Shopping Store 安全漏洞
Code-Projects Online Shopping Store is a Code-Projects open source online store. A security vulnerability exists in Code-Projects Online Shopping Store version 1.0, which originates from SQL injection due to incorrect manipulation of the parameters catid/brandid/keyword/proId/pid in file/action.p...
CVE-2025-6343
A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/adminproduct.php. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
code-projects Online Shoe Store 注入漏洞
Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter pid in the file /admin/adminfootball.php. The vulnerability can be exploited to execute...
CVE-2024-42783
Kashipara Music Management System v1.0 is vulnerable to SQL Injection via /music/manageplaylistitems.php. An attacker can execute arbitrary SQL commands via the "pid" parameter...
CVE-2023-34754
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings=plugins=edit...
CVE-2023-23156
Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page...
CVE-2022-3956
A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an unknown function of the component Patient Portrait Handler. The manipulation of the argument PID leads to sql injection. It is possible to launch the attack remotely. It is recommended to apply a patch to f...
CVE-2021-3264
SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php...