Lucene search
K

216728 matches found

Cvelist
Cvelist
added 2026/03/12 3:37 p.m.26 views

CVE-2019-25543 Netartmedia Real Estate Portal 5.0 SQL Injection via index.php

Netartmedia Real Estate Portal 5.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the page parameter. Attackers can submit POST requests to index.php with malicious SQL payloads in the page field to bypass...

8.8CVSS0.0046EPSS
Exploits1References2
CVE
CVE
added 2026/03/12 3:37 p.m.10 views

CVE-2019-25542

CVE-2019-25542 affects Netartmedia Real Estate Portal 5.0. The vulnerability is an SQL injection in the user_email parameter of index.php, exploitable by unauthenticated attackers to manipulate database queries. The attack can bypass authentication and potentially extract sensitive data or modify...

8.8CVSS5.9AI score0.0046EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:37 p.m.5 views

CVE-2019-25542

Netartmedia Real Estate Portal 5.0 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the useremail parameter. Attackers can send POST requests to index.php with malicious payloads in the useremail field to...

8.8CVSS5.9AI score0.0046EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 3:37 p.m.3 views

CVE-2019-25541 Netartmedia PHP Mall 4.1 Multiple SQL Injection

Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...

8.8CVSS5.8AI score0.00373EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/12 3:37 p.m.29 views

CVE-2019-25541 Netartmedia PHP Mall 4.1 Multiple SQL Injection

Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...

8.8CVSS0.00373EPSS
Exploits1References2
CVE
CVE
added 2026/03/12 3:37 p.m.9 views

CVE-2019-25541

Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. The affected vectors include id in index.php and Email in loginaction.php, enabling time-based blind payloads to extract sen...

8.8CVSS5.8AI score0.00373EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:37 p.m.5 views

CVE-2019-25541

Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...

8.8CVSS5.8AI score0.00373EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/12 3:37 p.m.14 views

CVE-2019-25540

Netartmedia PHP Mall 4.1 is affected by multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries via various parameters. The attacks can exfiltrate sensitive data, including user credentials and system information. The description does not specify...

8.8CVSS5.9AI score0.00359EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:37 p.m.3 views

CVE-2019-25539

202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the loguser parameter. Attackers can send POST requests to index.php with crafted SQL payloads using time-based blind injection technique...

8.8CVSS5.9AI score0.00415EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:37 p.m.1 views

CVE-2019-25538

202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the loguser parameter. Attackers can send crafted requests with malicious SQL statements in the loguser field to extract sensitive database...

8.8CVSS5.9AI score0.00365EPSS
Exploits1References3
CVE
CVE
added 2026/03/12 3:37 p.m.9 views

CVE-2019-25538

The CVE-2019-25538 issue affects 202CMS v10 beta, where an SQL injection is possible through the log_user parameter. Unauthenticated attackers can inject SQL statements via that field to manipulate queries and potentially disclose or modify database contents. Root cause: improper handling of user...

8.8CVSS5.9AI score0.00365EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/03/12 3:37 p.m.10 views

CVE-2019-25539

CVE-2019-25539 affects 202CMS v10 beta. The vulnerability is a blind, time-based SQL injection in the log_user parameter via POST to index.php, exploitable by unauthenticated attackers to extract sensitive database information. Impact details from the entry indicate high confidentiality impact an...

8.8CVSS5.9AI score0.00415EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/03/12 3:37 p.m.25 views

CVE-2019-25537 Netartmedia Event Portal 2.0 SQL Injection via loginaction.php

Netartmedia Event Portal 2.0 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with malicious SQL payloads in the Email...

8.8CVSS0.00254EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:37 p.m.4 views

CVE-2019-25536 Netartmedia PHP Real Estate Agency 4.0 SQL Injection via features parameter

Netartmedia PHP Real Estate Agency 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can send POST requests to index.php with crafted SQL payloads in the features...

8.8CVSS6.1AI score0.00315EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:37 p.m.2 views

CVE-2019-25536

Netartmedia PHP Real Estate Agency 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can send POST requests to index.php with crafted SQL payloads in the features...

8.8CVSS6.1AI score0.00315EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/12 3:37 p.m.27 views

CVE-2019-25536 Netartmedia PHP Real Estate Agency 4.0 SQL Injection via features parameter

Netartmedia PHP Real Estate Agency 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can send POST requests to index.php with crafted SQL payloads in the features...

8.8CVSS0.00315EPSS
Exploits1References2
CVE
CVE
added 2026/03/12 3:37 p.m.13 views

CVE-2019-25536

Netartmedia PHP Real Estate Agency 4.0 contains an SQL injection vulnerability in the features[] parameter. Unauthenticated attackers can send crafted POST requests to index.php to execute arbitrary SQL, enabling extraction of sensitive data or manipulation of queries. The issue is described as a...

8.8CVSS6.1AI score0.00315EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 3:37 p.m.5 views

CVE-2019-25535 Netartmedia PHP Dating Site SQL Injection via loginaction.php

Netartmedia PHP Dating Site contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with time-based SQL injection payloads in the Email field ...

8.8CVSS5.9AI score0.00254EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:37 p.m.2 views

CVE-2019-25535

Netartmedia PHP Dating Site contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with time-based SQL injection payloads in the Email field ...

8.8CVSS5.9AI score0.00254EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/12 3:37 p.m.26 views

CVE-2019-25534 Netartmedia PHP Car Dealer SQL Injection via features parameter

Netartmedia PHP Car Dealer contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can submit POST requests to index.php with crafted SQL payloads in the features parameter...

8.8CVSS0.00254EPSS
Exploits0References2
Rows per page
Query Builder