Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2026/02/22 2:16 p.m.2 views

CVE-2019-25440

WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prodid parameter. Attackers can send GET requests to productdetail.php with malicious prodid values to extract sensitive database informatio...

8.8CVSS0.00132EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/02/22 1:34 p.m.4 views

CVE-2019-25440 WebIncorp ERP Every version SQL Injection via product_detail.php

WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prodid parameter. Attackers can send GET requests to productdetail.php with malicious prodid values to extract sensitive database informatio...

8.8CVSS5.7AI score0.00132EPSS
Exploits0References2
OSV
OSVadded 2025/10/11 11:15 a.m.1 views

CVE-2025-11597

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

9.8CVSS5.7AI score0.00043EPSS
Exploits1References5
OSV
OSVadded 2024/02/29 1:42 a.m.0 views

CVE-2023-7106

A vulnerability was found in code-projects E-Commerce Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file productdetails.php?prodid=11. The manipulation of the argument prodid leads to sql injection. The attack can be launched...

8.8CVSS5.7AI score
Exploits0References3
exploitpack
exploitpackadded 2019/08/01 12:0 a.m.19 views

WebIncorp ERP - SQL injection

WebIncorp ERP - SQL injection Exploit Title: WebIncorp ERP - SQL injection Date: 1.8.2019. Exploit Author: n1x MS-WEB Vendor Homepage: https://www.webincorp.com/products/erp-software-qatar Version: Every version CWE : CWE-89 Vulnerable parameter: prodid productdetail.php GET Request GET...

0.1AI score
Exploits0
Exploit DB
Exploit DBadded 2019/08/01 12:0 a.m.130 views

WebIncorp ERP - SQL injection

Exploit Title: WebIncorp ERP - SQL injection Date: 1.8.2019. Exploit Author: n1x MS-WEB Vendor Homepage: https://www.webincorp.com/products/erp-software-qatar Version: Every version CWE : CWE-89 Vulnerable parameter: prodid productdetail.php GET Request GET https://host/productdetail.php?prodid=x...

7.4AI score
Exploits0
NVD
NVDadded 2015/03/05 3:59 p.m.16 views

CVE-2015-2216

SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prodid parameter...

7.5CVSS8.3AI score0.03471EPSS
Exploits2References4
Prion
Prionadded 2015/03/05 3:59 p.m.20 views

Sql injection

SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prodid parameter...

7.5CVSS9AI score0.03471EPSS
Exploits2References4Affected Software1
NVD
NVDadded 2015/01/13 3:59 p.m.12 views

CVE-2014-100016

Cross-site scripting XSS vulnerability in photocrati-gallery/ecomm-sizes.php in the Photocrati theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the prodid parameter...

4.3CVSS5.8AI score0.00233EPSS
Exploits1References5
Rows per page
Query Builder