CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

CNVD•added 2018/06/12 12:0 a.m.•1 views

portfolioCMS SQL Injection Vulnerability

portfolioCMS is a content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in portfolioCMS version 1.0.5. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the help of the 'preview' parameter...

7.2CVSS8.7AI score0.01059EPSS

Exploits1References1

Prion•added 2018/06/11 1:29 p.m.•13 views

Sql injection

portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter...

6.5CVSS7.5AI score0.01059EPSS

Exploits1References1Affected Software1

NVD•added 2018/06/11 1:29 p.m.•14 views

CVE-2018-12110

portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter...

7.2CVSS7.5AI score0.01059EPSS

Exploits1References1

OSV•added 2018/06/11 1:29 p.m.•12 views

CVE-2018-12110

portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter...

7.2CVSS7.8AI score

Exploits0References1

CVE•added 2018/06/11 1:0 p.m.•37 views

CVE-2018-12110

portfolioCMS 1.0.5 is vulnerable to SQL Injection via the admin/portfolio.php preview parameter (and related evidence cites the same issue in CNVD-2018-11358). The root cause is improper handling of the preview parameter, allowing an attacker to execute arbitrary SQL commands remotely. Impact per...

7.2CVSS7.5AI score0.01059EPSS

Exploits1References1Affected Software1