Sql injection

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter...

CVE-2020-21725

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter...

嘉兴想天信息科技 OpenSNS SQL注入漏洞

OpenSNS is a comprehensive social software developed by Thinking Sky. A SQL blind injection vulnerability exists in the pid parameter in /Controller/ChinaCityController.class.php in OpenSNS version 6.1.0. An attacker can exploit this vulnerability to obtain sensitive database information...

CVE-2021-3264

SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php...

Sql injection

SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php...

Cxuucms SQL注入漏洞

cxuucms is a PHP-based content relationship building system. cxuucms version 3.1 has a SQL injection vulnerability that originates from setting the pid parameter in public/admin.php, which can be exploited by attackers to obtain sensitive database information...

OS Command Injection

xps is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands via the pid parameter due to the lack of sanitisation and validation...

CVE-2019-16862

Reflected XSS in interface/forms/eyemag/view.php in OpenEMR 5.x before 5.0.2.1 allows a remote attacker to execute arbitrary code in the context of a user's session via the pid parameter...

CVE-2019-16862

Reflected XSS in interface/forms/eyemag/view.php in OpenEMR 5.x before 5.0.2.1 allows a remote attacker to execute arbitrary code in the context of a user's session via the pid parameter...

OpenEMR Cross-Site Scripting Vulnerability (CNVD-2019-43372)

OpenEMR is a medical practice management software that also supports electronic medical records EMR. A reflected cross-site scripting vulnerability exists in interface/forms/eyemag/view.php in OpenEMR. An attacker can exploit this vulnerability to execute arbitrary code in the context of a user...

CVE-2016-10951

The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter...

CVE-2016-10951

The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter...

CVE-2018-20519

An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajaxsavebasic pid parameter...

CVE-2018-16606

In ProConf before 6.1, an Insecure Direct Object Reference IDOR allows any author to view and grab all submitted papers Title and Abstract and their authors' personal information Name, Email, Organization, and Position by changing the value of Paper ID the pid parameter...

idreamsoft iCMS SQL Injection Vulnerability

idreamsoft iCMS is an open source content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in idreamsoft iCMS 7.0.7 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the 'pid' array parameter in the...

PHP Scripts Mall Advance B2B Script SQL Injection Vulnerability

PHP Scripts Mall Advance B2B Script is a set of PHP-based B2B2 business-to-business transactional website scripts from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Advance B2B Script version 2.1.3. A remote attacker can exploit this vulnerability by sending the...

CVE-2017-17586

FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter...

CVE-2017-17586

FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter...

CVE-2017-17610

E-commerce MLM Software 1.0 has SQL Injection via the servicedetail.php pid parameter, eventdetail.php eventid parameter, or newsdetail.php newid parameter...

Sql injection

E-commerce MLM Software 1.0 has SQL Injection via the servicedetail.php pid parameter, eventdetail.php eventid parameter, or newsdetail.php newid parameter...