11 matches found
CVE-2019-25492
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET requests to the admin/getcmsdata.php endpoint with malicious 'pt' values to extract sensitive database...
EUVD-2019-19718
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET requests to the admin/getcmsdata.php endpoint with malicious 'pt' values to extract sensitive database...
CVE-2019-25492
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET requests to the admin/getcmsdata.php endpoint with malicious 'pt' values to extract sensitive database...
CVE-2019-25492 Homey BNB V4 SQL Injection via getcmsdata.php
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET requests to the admin/getcmsdata.php endpoint with malicious 'pt' values to extract sensitive database...
CVE-2019-25492 Homey BNB V4 SQL Injection via getcmsdata.php
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET requests to the admin/getcmsdata.php endpoint with malicious 'pt' values to extract sensitive database...
Doditsolutions Homey BNB SQL注入漏洞
Doditsolutions Homey BNB is a homestay reservation system operated by the Indian company Doditsolutions. Doditsolutions Homey BNB V4 has a SQL injection vulnerability; this vulnerability stems from the pt parameter being susceptible to SQL injections, which may allow unverified attackers to extra...
PT-2026-22360
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET requests to the admin/getcmsdata.php endpoint with malicious 'pt' values to extract sensitive database...
EUVD-2009-2782
Malware in sbrugna...
CVE-2025-29223
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt parameter in the traceRoute function...
Linksys E5600 安全漏洞
Linksys E5600 is a powerful, compact and reliable WiFi 5 router from Linksys, Inc. A security vulnerability exists in Linksys E5600 version v1.1.0.26, which stems from a command injection vulnerability in the pt parameter in the traceRoute function...
CVE-2025-29227
CVE-2025-29227 affects Linksys E5600 router (V1.1.0.26) where the file \usr\share\lua\runtime.lua contains a command injection vulnerability in the runtime.pingTest function via the pt["pkgsize"] parameter. The evidence indicates the vulnerability originates from that parameter being controllable...