20 matches found
EUVD-2010-0750
Malware in sbrugna...
EUVD-2022-44586
Malicious code in bioql PyPI...
CVE-2022-41391
OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at showImg.php...
SQL injection
OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at showImg.php...
PT-2022-25840 · Ocomon · Ocomon
Name of the Vulnerable Software and Affected Versions: OcoMon version 4.0 Description: A SQL injection issue was discovered in OcoMon via the cod parameter at the "showImg.php" endpoint. This allows for potential exploitation of the database. Recommendations: For OcoMon version 4.0, consider...
CVE-2022-41391
OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at showImg.php...
CVE-2022-41391
OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at showImg.php...
CVE-2022-41391
CVE-2022-41391 affects OcoMon v4.0, with a SQL injection in the showImg.php endpoint via the cod parameter. The root cause is unsafely handling user input in the SQL query, allowing attackers to craft requests that may compromise confidentiality, integrity, and availability (CVSS v3.1 base score ...
OcoMon SQL injection vulnerability
OcoMon is a helpdesk system from the personal developer Rafael Foster. It is designed to manage integrated inventory control that supports tickets and computing devices. An SQL injection vulnerability exists in OcoMon version v4.0, which stems from the cod parameter in showImg.php being vulnerabl...
komendir.cz XSS vulnerability
Open Bug Bounty ID: OBB-618608

Description| Value
---|---
Affected Website:| komendir.cz
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...
CVE-2011-5136
showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter...
CVE-2011-5136
showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter...
CVE-2011-5136
showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter...
EPractize Labs Subscription Manager 'showImg.php' PHP Code Injection Vulnerability
EPractize Labs Subscription Manager is prone to a remote PHP code-injection vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
EPractize Labs Backdoor
Vulnerability: back door in stupid spamming software About EPractize Labs: EPractize Labs is fully Customer Focused, Innovative and Global service provider for Skill Development and Skill Evaluation products suitable for pre employment assessment testing, employee evaluation for appraisal,...
SQL injection
SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-0725
CVE-2010-0725 describes a Cross-site scripting (XSS) vulnerability in Arab Cart 1.0.2.0. The flaw is in showimg.php and allows an attacker to inject arbitrary web script or HTML by manipulating the id parameter. The cited NVD entry shows a base score of 4.3 (Medium) under CVSS v2, with no confide...
CVE-2010-0725
Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2010-0724
CVE-2010-0724 describes an SQL injection in Arab Cart 1.0.2.0, where an attacker can manipulate the id parameter in showimg.php to execute arbitrary SQL commands. The vulnerability is documented with a CVSSv2 base score of 7.5 (HIGH) and reflects a network-exposed, low-complexity vector without r...
CVE-2010-0724
SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...