EUVD-2018-21928

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

CVE-2018-25407

CVE-2018-25407 affects eNdonesia Portal 8.7, where multiple SQL injection flaws in mod.php allow unauthenticated attackers to execute arbitrary SQL via parameters such as artid, cid, did, contid, and aboutid across the publisher, diskusi, galeri, content, and about modules. The issue can be used ...

CVE-2018-25406

CVE-2018-25406 affects the eNdonesia Portal 8.7, where multiple SQL injection vulnerabilities allow unauthenticated attackers to run arbitrary SQL queries via mod.php. The attacker can inject SQL through parameters artid, cid, did, contid, and aboutid across modules including publisher, diskusi, ...

PT-2026-45106

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

EUVD-2009-3402

Malware in sbrugna...

EUVD-2009-3401

Malware in sbrugna...

Endonesia 8.5 CMS Publisher Module SQL Injection

. \ || \ \ \ / \ /\ \ |/ \ | / \ | | / | Y Y / \ | \ \ /|| |||| / /| / / / / / Exploit Title: Endonesia 8.5 CMS Publiher Module Sql Injection Vulnerability Google Dork: Intext:"Powered by Endonesia 8.5" Date: 08/29/2012 Author: Crim3R Site : Http://Ajaxtm.com/ download Link :...

Sql injection

SQL injection vulnerability in the Publisher module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printarticle action to mod.php, a different vector than CVE-2007-3394...

CVE-2010-3461

SQL injection vulnerability in the Publisher module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printarticle action to mod.php, a different vector than CVE-2007-3394...

CVE-2010-3461

CVE-2010-3461 (and related CVE-2007-3394) are concrete SQL injection vulnerabilities in eNdonesia 8.4. The issue affects the Publisher module and allows remote attackers to execute arbitrary SQL via the artid parameter (to mod.php) and, for CVE-2007-3394, via the bid parameter to banners.php (in ...

CVE-2009-3419

SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter...

Sql injection

SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in the Publisher module 2.0 for Miniweb allow remote attackers to inject arbitrary web script or HTML via the 1 begin parameter and the 2 PATHINFO...

CVE-2009-3420

Multiple cross-site scripting XSS vulnerabilities in index.php in the Publisher module 2.0 for Miniweb allow remote attackers to inject arbitrary web script or HTML via the 1 begin parameter and the 2 PATHINFO...

CVE-2009-3419

CVE-2009-3419 describes an SQL injection in the Miniweb Publisher module 2.0, via index.php and the historymonth parameter. Affected software: Miniweb Publisher module 2.0 (index.php). Root cause: unsafely handled input in historymonth leading to SQL command execution. Impact: remote attackers co...

CVE-2004-2670

Multiple cross-site scripting XSS vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via 1 the mod parameter in a viewcat operation or 2 the query parameter in a search operation in the publisher module...