262 matches found

CNNVD
added 2023/06/14 12:0 a.m. · 2 views

bloofoxCMS SQL Injection Vulnerability

bloofoxCMS is a PHP-based text content management system by the individual developer bloofox. A security vulnerability exists in bloofoxCMS version v0.5.2.1: the pid parameter was found to contain an SQL injection vulnerability via...

9.8 CVSS · 8.5 AI score · 0.03449 EPSS
Exploits 1 · References 1

Positive Technologies
added 2023/06/14 12:0 a.m. · 2 views

PT-2023-25000 · Bloofox · Bloofox

Name of the Vulnerable Software and Affected Versions: bloofox version 0.5.2.1 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the pid parameter at the "admin/index.php?mode=settings&page=plugins&action=edit" endpoint. Recommendations: F...

9.8 CVSS · 7.4 AI score · 0.03449 EPSS
Exploits 1 · References 6

Cvelist
added 2023/04/14 12:0 a.m. · 14 views

CVE-2023-29803

TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the pid parameter in the disconnectVPN function...

10 AI score · 0.02156 EPSS
Exploits 1 · References 1

CNNVD
added 2023/04/14 12:0 a.m. · 2 views

TOTOLINK X18 Command Injection Vulnerability

The TOTOLINK X18 is a mesh router system from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X18 version V9.1.0cu.2024B20220329, which stems from a command injection vulnerability via the pid parameter in the disconnectVPN function...

9.8 CVSS · 8.4 AI score · 0.02156 EPSS
Exploits 1 · References 2

ATTACKERKB
added 2023/02/27 4:15 p.m. · 2 views

CVE-2023-23156

Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page...

9.8 CVSS · 7.2 AI score · 0.03684 EPSS
Exploits 3 · References 4

Positive Technologies
added 2023/02/27 12:0 a.m. · 3 views

PT-2023-18863 · Unknown · Art Gallery Management System Project

Name of the Vulnerable Software and Affected Versions: Art Gallery Management System Project in PHP version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the pid parameter in the single-product page. Recommendations: For Art Galler...

9.8 CVSS · 9.5 AI score · 0.03684 EPSS
Exploits 3 · References 6

OSV
added 2022/02/28 9:15 a.m. · 1 views

CVE-2022-0383

The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow high privilege users to perform SQL injection attacks...

7.2 CVSS · 5.8 AI score
Exploits 0 · References 2

CNNVD
added 2022/02/28 12:0 a.m. · 3 views

WordPress SQL Injection Vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blogging sites on PHP and MySQL servers. An SQL injection vulnerability exists in the WordPress WP Review Slider plugin before version 11.0; the vulnerability stems fr...

7.2 CVSS · 6 AI score · 0.01445 EPSS
Exploits 2 · References 4

CNNVD
added 2022/02/14 12:0 a.m. · 3 views

WordPress Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPress plugin that stems from the Sendinblue plugin prior to...

6.1 CVSS · 5.9 AI score · 0.00788 EPSS
Exploits 2 · References 2

OSV
added 2022/01/24 8:15 p.m. · 2 views

CVE-2021-46451

An SQL Injection vulnerability exists in Sourcecodester Online Project Time Management System 1.0 via the pid parameter in the loadfile function...

9.8 CVSS · 7.4 AI score
Exploits 0 · References 1

ATTACKERKB
added 2022/01/24 8:15 p.m. · 3 views

CVE-2021-46451

An SQL Injection vulnerability exists in Sourcecodester Online Project Time Management System 1.0 via the pid parameter in the loadfile function...

9.8 CVSS · 8.1 AI score · 0.01254 EPSS
Exploits 1 · References 2

OSV
added 2022/01/05 8:39 p.m. · 20 views

GHSA-53XV-C2HX-5W6Q Command Injection in node-windows

lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter...

9.8 CVSS · 9.8 AI score · 0.04063 EPSS
Exploits 1 · References 7

CNVD
added 2021/12/24 12:0 a.m. · 13 views

Nodejs Command Injection Vulnerability

Node.js is a JavaScript runtime environment built on the Chrome V8 engine; it uses an event-driven, non-blocking I/O model, which makes it possible to develop high-performance JavaScript back-end applications. A command injecti...

9.8 CVSS · 9.7 AI score · 0.04063 EPSS
Exploits 1 · References 1

Prion
added 2021/12/22 6:15 a.m. · 14 views

Command injection

lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter...

7.5 CVSS · 9.8 AI score · 0.04063 EPSS
Exploits 1 · References 3 · Affected Software 1

OSV
added 2021/10/07 10:15 p.m. · 2 views

CVE-2020-21725

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter...

9.8 CVSS · 7.3 AI score · 0.01239 EPSS
Exploits 1 · References 1

NVD
added 2021/10/07 10:15 p.m. · 9 views

CVE-2020-21725

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter...

9.8 CVSS · 0.01239 EPSS
Exploits 1 · References 1

Prion
added 2021/10/07 10:15 p.m. · 14 views

Sql injection

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter...

7.5 CVSS · 9.7 AI score · 0.01239 EPSS
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2021/10/07 9:28 p.m. · 12 views

CVE-2020-21725

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter...

9.8 AI score · 0.01239 EPSS
Exploits 1 · References 1

CNNVD
added 2021/10/07 12:0 a.m. · 2 views

Jiaxing Xiangtian Information Technology OpenSNS SQL Injection Vulnerability

OpenSNS is a comprehensive social software developed by Thinking Sky. A SQL blind injection vulnerability exists in the pid parameter in /Controller/ChinaCityController.class.php in OpenSNS version 6.1.0. An attacker can exploit this vulnerability to obtain sensitive database information...

9.8 CVSS · 8.6 AI score · 0.01239 EPSS
Exploits 1 · References 2

OSV
added 2021/08/27 7:15 p.m. · 0 views

CVE-2021-3264

SQL Injection vulnerability in cxuucms 3.1 via the pid parameter in public/admin.php...

7.2 CVSS · 5.8 AI score
Exploits 0 · References 1