46 matches found
CVE-2019-25440
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prodid parameter. Attackers can send GET requests to productdetail.php with malicious prodid values to extract sensitive database informatio...
CVE-2019-25440
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prodid parameter. Attackers can send GET requests to productdetail.php with malicious prodid values to extract sensitive database informatio...
CVE-2019-25440
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prodid parameter. Attackers can send GET requests to productdetail.php with malicious prodid values to extract sensitive database informatio...
CVE-2019-25440 WebIncorp ERP Every version SQL Injection via product_detail.php
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prodid parameter. Attackers can send GET requests to productdetail.php with malicious prodid values to extract sensitive database informatio...
CVE-2019-25440 WebIncorp ERP Every version SQL Injection via product_detail.php
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prodid parameter. Attackers can send GET requests to productdetail.php with malicious prodid values to extract sensitive database informatio...
PT-2026-21441
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prod id parameter. Attackers can send GET requests to product detail.php with malicious prod id values to extract sensitive database...
CVE-2020-37108
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of productdetail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information...
EUVD-2020-30986
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of productdetail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information...
CVE-2020-37108
The CVE-2020-37108 issue affects PhpIX 2012 Professional and is caused by an SQL injection in the id parameter of product_detail.php, enabling remote manipulation of database queries. Affected component: product_detail.php (id parameter). Underlying cause: improper handling/sanitization of user i...
CVE-2020-37108 PhpIX 2012 Professional - 'id' SQL Injection
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of productdetail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information...
PT-2026-5854
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of product detail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information...
PhpIX SQL注入漏洞
PhpIX is a website building system developed by PhpIX Company in Thailand. PhpIX has a SQL injection vulnerability; this vulnerability stems from the id parameter in the productdetail.php file, which allows for SQL injections, potentially enabling remote attackers to manipulate database queries...
EUVD-2007-0096
Malware in sbrugna...
EUVD-2009-2769
Malware in sbrugna...
Modern Bag product-detail.php file SQL Injection Vulnerability
Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter ID in the file /product-detail.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal S...
CVE-2025-7467
A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /product-detail.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2025-7467
CVE-2025-7467 affects code-projects Modern Bag 1.0. The vulnerability is in the file /product-detail.php where the ID parameter can be manipulated to perform SQL injection. This allows remote initiation of an attack, and the exploit has been disclosed publicly. Connected sources corroborate an SQ...
CVE-2025-7467 code-projects Modern Bag product-detail.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /product-detail.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...
Code-Projects Modern Bag 注入漏洞
Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter ID in the file /product-detail.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal S...
CVE-2023-22838
Cross-site scripting vulnerability in Product List Screen and Product Detail Screen of EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0 allows a remote authenticated attacker to inject an arbitrary script...