EUVD-2019-19796

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

CVE-2019-25518 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via arama.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

CVE-2019-25518

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

CVE-2019-25518

CVE-2019-25518 affects Jettweb PHP Hazir Haber Sitesi Scripti V1. An SQL injection flaw lets unauthenticated attackers inject SQL via the poll parameter in arama.php, enabling extraction or modification of database data. Root cause is unsafely constructed queries exposed to user input. Impact—hig...

PT-2026-24978

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞

Jettweb PHP Preconfigured News Sites Script is a content management system developed by the Turkish company Jettweb. Version V1 of the Jettweb PHP Preconfigured News Sites Script has a SQL injection vulnerability. This vulnerability stems from the SQL injection in the poll parameter, which may...

CVE-2024-26473

A reflected cross-site scripting XSS vulnerability in SocialMediaWebsite v1.0.1 allows attackers to inject malicious JavaScript into the web browser of a victim via the poll parameter in poll.php...

Cross site scripting

A reflected cross-site scripting XSS vulnerability in SocialMediaWebsite v1.0.1 allows attackers to inject malicious JavaScript into the web browser of a victim via the poll parameter in poll.php...

PT-2024-21394 · Unknown · Socialmediawebsite

Name of the Vulnerable Software and Affected Versions: SocialMediaWebsite version 1.0.1 Description: A reflected cross-site scripting XSS issue allows attackers to inject malicious JavaScript into a victim's web browser via the poll parameter in "poll.php". Recommendations: For SocialMediaWebsite...

CVE-2024-26473

A reflected cross-site scripting XSS vulnerability in SocialMediaWebsite v1.0.1 allows attackers to inject malicious JavaScript into the web browser of a victim via the poll parameter in poll.php...

CVE-2024-26473

The CVE-2024-26473 entry concerns a reflected XSS in SocialMediaWebsite v1.0.1, exploitable via the poll parameter in poll.php. The vulnerability allows attackers to inject JavaScript into a victim’s browser, with the impact described as browser-side script execution. Affected component is the po...

CVE-2024-26473

A reflected cross-site scripting XSS vulnerability in SocialMediaWebsite v1.0.1 allows attackers to inject malicious JavaScript into the web browser of a victim via the poll parameter in poll.php...

WordPress 跨站脚本漏洞

WordPress is a set of blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress YOP Poll Plugin, which stems from a lack of...

CVE-2005-3742

Cross-site scripting XSS vulnerability in popup.php in Advanced Poll 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the pollident parameter...