38 matches found
CVE-2026-35008 Open ISES Tickets < 3.44.2 Reflected XSS via single.php ticket_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into an HTML attribute. Attackers can craft a...
EUVD-2012-5786
Malware in sbrugna...
EUVD-2020-10373
Malware in sbrugna...
EUVD-2022-32954
Malicious code in bioql PyPI...
EUVD-2023-44484
Malicious code in bioql PyPI...
CVE-2025-10326
CVE-2025-10326 affects MiczFlor RPi-Jukebox-RFID up to 2.8.0. Vulnerable due to improper handling of the playlist parameter in /htdocs/api/playlist/single.php , enabling remote OS command injection . Public exploit/PoC exists; exploitation can be remote with no authentication. Vendor reportedly u...
RPi-Jukebox-RFID 操作系统命令注入漏洞
RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and spotify triggered by RFID cards. An OS command injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and...
CVE-2022-29659
Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php...
CVE-2022-28512
A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters...
CVE-2020-18449
Cross Site Scripting XSS vulnerability exists in UKCMS v1.1.10 via data in the index function in Single.php...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in phpscriptpoint Ecommerce 1.15. Affected by this issue is some unknown functionality of the file /blog-single.php. The manipulation of the argument slug leads to cross site scripting. The attack may be launched remotely. The...
CVE-2023-3856 phpscriptpoint Ecommerce blog-single.php cross site scripting
A vulnerability, which was classified as problematic, has been found in phpscriptpoint Ecommerce 1.15. Affected by this issue is some unknown functionality of the file /blog-single.php. The manipulation of the argument slug leads to cross site scripting. The attack may be launched remotely. The...
Responsive Online Blog SQL Injection Vulnerability
Responsive Online Blog is a responsive online blog site. responsive Online Blog v1.0 is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the id parameter of single.php. An attacker could use this vulnerability to execute illegal SQL commands t...
CVE-2022-29659
Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php...
CVE-2022-29659
Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php...
Sql injection
Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php...
CVE-2022-29659
CVE-2022-29659 concerns a SQL injection in Responsive Online Blog v1.0 exploitable via the id parameter in single.php . The issue arises from unsanitized input being incorporated into SQL queries, enabling an attacker to manipulate the database and potentially access or alter data. The vulnerabil...
CVE-2022-29659
Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php...
CVE-2022-28512
A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters...
Sql injection
A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters...