Lucene search
K

268 matches found

CVE
CVE
added 2025/07/14 12:0 a.m.21 views

CVE-2025-51654

SemCms v5.0 is vulnerable to SQL injection via the pid parameter in SEMCMS_Infocategories.php. Root cause: unsafely concatenated pid in SQL queries. Impact: potential data exposure or manipulation with at least low confidentiality/integrity risk per CVSS, no availability impact. Exploitation stat...

5.4CVSS8.5AI score0.00221EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/07/14 12:0 a.m.19 views

CVE-2025-51652

Summary: CVE-2025-51652 affects SemCms v5.0, where a SQL injection can be triggered via the pid parameter in SEMCMS_Categories.php. The vulnerability is confirmed across multiple sources (NVD, Red Hat, CVE list, PT Security, CNNVD, etc.). Impact: confidentiality and integrity impacts are listed a...

5.4CVSS8.5AI score0.00221EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/07/14 12:0 a.m.8 views

CVE-2025-51654

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMSInfocategories.php...

0.00221EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/14 12:0 a.m.3 views

CVE-2025-51653

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMSct.php...

8.5AI score0.00221EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.4 views

SEMCMS 安全漏洞

SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that supports multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of the pid parameter in SEMCMSInfocategories.php...

5.4CVSS7.9AI score0.00221EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/07/14 12:0 a.m.3 views

CVE-2025-51655

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMSQuanxian.php...

8.5AI score0.00221EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/14 12:0 a.m.4 views

CVE-2025-51654

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMSInfocategories.php...

8.5AI score0.00221EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/07/14 12:0 a.m.3 views

PT-2025-29495 · Semcms · Semcms

Name of the Vulnerable Software and Affected Versions: SemCms version 5.0 Description: SemCms version 5.0 contains a SQL injection vulnerability. The vulnerability is located in the pid parameter at the SEMCMS Quanxian.php file. Recommendations: As a mitigation, restrict access to the SEMCMS...

5.4CVSS7.2AI score0.00221EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.5 views

SEMCMS 安全漏洞

SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that support multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of the pid parameter in SEMCMSct.php...

5.4CVSS7.9AI score0.00221EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/07/14 12:0 a.m.4 views

PT-2025-29492 · Semcms · Semcms

Name of the Vulnerable Software and Affected Versions: SemCms version 5.0 Description: SemCms version 5.0 contains a SQL injection issue via the pid parameter at the SEMCMS Categories.php file. Recommendations: As a temporary workaround, consider restricting access to the SEMCMS Categories.php fi...

5.4CVSS7.3AI score0.00221EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.5 views

SEMCMS 安全漏洞

SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that supports multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of the pid parameter in SEMCMSCategories.php...

5.4CVSS7.9AI score0.00221EPSS
Exploits1References4
CNVD
CNVD
added 2025/06/27 12:0 a.m.2 views

Online Shoe Store admin_product.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter pid in the file /admin/adminproduct.php. An attacker can exploit this vulnerability to...

9.8CVSS7.9AI score0.00421EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/06/22 12:0 a.m.3 views

Code-Projects Online Shopping Store 安全漏洞

Code-Projects Online Shopping Store is a Code-Projects open source online store. A security vulnerability exists in Code-Projects Online Shopping Store version 1.0, which originates from SQL injection due to incorrect manipulation of the parameters catid/brandid/keyword/proId/pid in file/action.p...

7.2CVSS5.6AI score0.00466EPSS
Exploits1References2
OSV
OSV
added 2025/06/20 2:15 p.m.3 views

CVE-2025-6343

A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/adminproduct.php. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.7AI score
Exploits0References5
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.3 views

code-projects Online Shoe Store 注入漏洞

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter pid in the file /admin/adminfootball.php. The vulnerability can be exploited to execute...

9.8CVSS8.2AI score0.00421EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:30 a.m.7 views

CVE-2024-42783

Kashipara Music Management System v1.0 is vulnerable to SQL Injection via /music/manageplaylistitems.php. An attacker can execute arbitrary SQL commands via the "pid" parameter...

9.8CVSS8.6AI score0.00382EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:27 a.m.6 views

CVE-2023-34754

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings=plugins=edit...

9.8CVSS8.2AI score0.03449EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 2:36 a.m.5 views

CVE-2023-23156

Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page...

9.8CVSS8.5AI score0.03684EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:30 p.m.3 views

CVE-2022-3956

A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an unknown function of the component Patient Portrait Handler. The manipulation of the argument PID leads to sql injection. It is possible to launch the attack remotely. It is recommended to apply a patch to f...

9.8CVSS9.1AI score0.00656EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:33 p.m.15 views

CVE-2021-3264

SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php...

7.2CVSS8.2AI score0.00875EPSS
Exploits1References1
Rows per page
Query Builder