5 matches found
Sql injection
Bus Booking Script has SQL Injection via the admin/viewseatseller.php spid parameter or the admin/viewmember.php memid parameter...
CVE-2017-17829
Bus Booking Script has SQL Injection via the admin/viewseatseller.php spid parameter or the admin/viewmember.php memid parameter...
CVE-2017-17829
Bus Booking Script has SQL Injection via the admin/viewseatseller.php spid parameter or the admin/viewmember.php memid parameter...
SePortal staticpages SQL Injection (CVE-2008-5191)
An SQL injection vulnerability has been reported in SePortal. A remote attacker may exploit this issue by executing arbitrary SQL commands via the pollid parameter to pool.php and the spid parameter to staticpages.php. Successful exploitation could cause an SQL statement execution on the server,...
SePortal 'sp_id'参数SQL注入漏洞
Bugtraq ID:66315 SePortal是一款基于WEB的应用。 SePortal staticpages.php脚本不正确过滤'spid'参数数据,允许远程攻击者利用漏洞提交特制的SQL查询,操作或获取数据库数据。 0 SePortal 2.5 目前没有详细解决方案提供: http://www.seportal.org/ http://www.example.com/staticpages.php?spid=SQL...