7 matches found
CVE-2024-13092 code-projects Job Recruitment Job Post search_ajax.php sql injection
A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. This vulnerability affects unknown code of the file /parse/calljob/search_ajax.php of the component Job Post Handler. The manipulation of the argument n leads to SQL injection. The attack can be initiated...
chinahumo.com XSS vulnerability
Vulnerable URL: http://www.chinahumo.com/plus/searchajax.php?jsoncallback=prompt/OPENBUGBOUNTY/...
phpcms2008-0day & phpcms 2007 GBK version 0day injection scan script-vulnerability warning-the black bar safety net
Affected program: phpcms2008 gbk Vulnerability file: ask/search_ajax.php code: <?php require './include/common.inc.php'; require_once MOD_ROOT.'include/ask.class.php'; $ask = new ask; header('Content-type: text/html; charset=utf-8'); if(strtolower(CHARSET) != 'utf-8') $q = iconv(CHARSET, 'utf-8', $q);...
phpcms 2008 search_ajax.php SQL injection vulnerability
No description provided by source...
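SQL injection vulnerability in the ask/search_ajax.php page of the phpcms2008 website management system
phpcms is a website content management system built on a PHP+MySQL architecture, and also an open-source PHP development platform. Phpcms is developed in a modular fashion, is easy to use and easy to extend, and can provide heavyweight website-building solutions for medium and large sites. Over the past 3 years, drawing on the Phpcms team's long-accumulated experience in web development and databases and a design philosophy of bold innovation and pursuit of perfection, Phpcms has won the recognition of nearly 100,000 websites and is increasingly being used on medium and large commercial websites /ask/search_ajax.php Code: if($q) $where = " title LIKE '%$q%' AND status = 5"; // no filtering is done; the value goes directly into $where else...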
phpCMS 2008 - search_ajax.php SQL Injection
phpCMS 2008 - search_ajax.php SQL Injection source: https://www.securityfocus.com/bid/34225/info PHPCMS2008 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
phpcms2008GBK double-byte encoding 0day-vulnerability warning-the black bar safety net
Author: magic springsB. S. N. Affected program: phpcms2008 gbk Vulnerability file: ask/search_ajax.php Vulnerability rating: high Vulnerability description: /ask/search_ajax.php PHP code: if($q) $where = " title LIKE '%$q%' AND status = 5"; // no filtering is done; the value goes directly into $where ...