22 matches found

RedhatCVE
added 2026/01/13 10:53 p.m. · 2 views

CVE-2025-15493

A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to SQL injection. It is possible to launch the attack remotely. The exploit h...

9.8 CVSS · 6.7 AI score · 0.00016 EPSS
Exploits 1 · References 1

NVD
added 2026/01/09 4:16 p.m. · 3 views

CVE-2025-15492

A vulnerability was detected in RainyGao DocSys up to 2.02.36. The affected element is an unknown function of the file src/com/DocSystem/mapping/GroupMemberMapper.xml. Performing a manipulation of the argument searchWord results in SQL injection. It is possible to initiate the attack remotely. Th...

8.8 CVSS · 0.00016 EPSS
Exploits 1 · References 5

CNNVD
added 2026/01/09 12:00 a.m. · 2 views

github docs security vulnerability

github docs is a software application. A security vulnerability exists in github docs version 2.02.36 and earlier, which stems from an incorrect manipulation of the parameter searchWord in the file src/com/DocSystem/mapping/ReposAuthMapper.xml, which could lead to an SQL injection attack...

9.8 CVSS · 6.8 AI score · 0.00016 EPSS
Exploits 1 · References 6

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2006-1536

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.00527 EPSS
Exploits 0 · References 7

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2010-4940

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.04059 EPSS
Exploits 1 · References 7

IBM Security Bulletins
added 2025/07/14 10:27 a.m. · 13 views

Security Bulletin: IBM Jazz for Service Management is vulnerable to cross-site scripting via searchWord parameter.

Summary: IBM Jazz for Service Management is vulnerable to cross-site scripting, allowing malicious scripts to be executed via the searchWord parameter on the static help page (CVE-2024-52892). Vulnerability Details: CVEID: CVE-2024-52892. DESCRIPTION: IBM Jazz for Service Management is vulnerable to...

6.1 CVSS · 6 AI score · 0.0071 EPSS
Exploits 0 · Affected Software 1

Positive Technologies
added 2023/03/20 12:00 a.m. · 3 views

PT-2023-9946 · Unknown · 404Like Plugin

Name of the Vulnerable Software and Affected Versions: 404like Plugin versions up to 1.0.2. Description: A critical issue has been found in the 404like Plugin, affecting the checkPage function of the file 404Like.php. The manipulation of the searchWord argument leads to SQL injection, allowing...

9.8 CVSS · 7.9 AI score · 0.0051 EPSS
Exploits 0 · References 6

CNNVD
added 2023/03/20 12:00 a.m. · 2 views

WordPress Plugin 404like SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin 404like...

9.8 CVSS · 7.7 AI score · 0.0051 EPSS
Exploits 0 · References 6

CNNVD
added 2022/12/12 12:00 a.m. · 1 views

Rainy MxsDoc SQL injection vulnerability

MxsDoc is an open-source, Web-based document management system from Rainy. Rainy MxsDoc has an SQL injection vulnerability that stems from the function getReposAllUsers of the file /DocSystem/Repos/getReposAllUsers.do, where manipulation of the parameter searchWord/reposId leads to SQL injection...

8.8 CVSS · 8 AI score · 0.00273 EPSS
Exploits 1 · References 3

OSV
added 2018/10/09 6:29 p.m. · 0 views

CVE-2018-18083

An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing...

9.8 CVSS · 6.2 AI score
Exploits 0 · References 2

CVE
added 2018/10/09 6:00 p.m. · 34 views

CVE-2018-18083

CVE-2018-18083 affects DuomiCMS 3.0. Affected component: search.php, where the parameter searchword is processed and unsafely uses eval during if processing, enabling remote PHP code execution. This yields high/severe impact (NVD CVSS3: 9.8, CRITICAL; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Exploit...

9.8 CVSS · 9.6 AI score · 0.01125 EPSS
Exploits 1 · References 2 · Affected Software 1

NVD
added 2011/11/01 10:55 p.m. · 11 views

CVE-2010-4976

Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). NOTE: some of these details are obtained from third party information...

4.3 CVSS · 5.7 AI score · 0.04059 EPSS
Exploits 1 · References 6

Cvelist
added 2011/11/01 10:00 p.m. · 13 views

CVE-2010-4976

Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). NOTE: some of these details are obtained from third party information...

5.7 AI score · 0.04059 EPSS
Exploits 1 · References 6

seebug.org
added 2011/07/25 12:00 a.m. · 26 views

Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities

No description provided by source. Component: comsearch; parameter: searchword; browser: IE, Konqueror. N.B. Our previous reported issue 1.6.3 of "searchword" parameter XSS was not fixed completely. REQUEST POST...

7.1 AI score
Exploits 0

Prion
added 2011/01/13 7:00 p.m. · 17 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in ...

4.3 CVSS · 5.7 AI score · 0.11722 EPSS
Exploits 2 · References 2 · Affected Software 1

Prion
added 2007/10/12 11:17 p.m. · 13 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the comsearch component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1...

4.3 CVSS · 5.8 AI score · 0.00669 EPSS
Exploits 1 · References 8 · Affected Software 1

Prion
added 2007/08/08 1:17 a.m. · 15 views

SQL injection

Multiple eval injection vulnerabilities in the comsearch component in Joomla! 1.5 beta before RC1 (aka Mapya) allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to defaultresults.php in (1) components/comsearch/views/search/tmpl/ and (2)...

7.5 CVSS · 8.2 AI score · 0.10112 EPSS
Exploits 1 · References 4 · Affected Software 1

Prion
added 2007/07/25 6:30 p.m. · 7 views

SQL injection

SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, when WordSearchCrit is enabled, allows remote attackers to execute arbitrary SQL commands via the SearchWord parameter...

7.5 CVSS · 9.1 AI score · 0.0096 EPSS
Exploits 1 · References 7 · Affected Software 1

NVD
added 2007/07/25 6:30 p.m. · 7 views

CVE-2007-3987

SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, when WordSearchCrit is enabled, allows remote attackers to execute arbitrary SQL commands via the SearchWord parameter...

7.5 CVSS · 8.3 AI score · 0.0096 EPSS
Exploits 1 · References 7

NVD
added 2007/04/13 6:19 p.m. · 12 views

CVE-2007-1872

Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search id...

4.3 CVSS · 5.6 AI score · 0.10592 EPSS
Exploits 1 · References 8