216730 matches found
CVE-2019-25534 Netartmedia PHP Car Dealer SQL Injection via features parameter
Netartmedia PHP Car Dealer contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can submit POST requests to index.php with crafted SQL payloads in the features parameter...
CVE-2019-25534
CVE-2019-25534 affects Netartmedia PHP Car Dealer. An SQL injection allows unauthenticated attackers to submit crafted SQL via the features[] parameter in POST requests to index.php, enabling extraction of sensitive database information or manipulation of queries. CVSS scores indicate high severi...
CVE-2019-25534
Netartmedia PHP Car Dealer contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can submit POST requests to index.php with crafted SQL payloads in the features parameter...
CVE-2019-25533 Netartmedia PHP Business Directory 4.2 SQL Injection via loginaction.php
Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to the loginaction.php endpoint with crafted SQL payloads in the...
CVE-2019-25533 Netartmedia PHP Business Directory 4.2 SQL Injection via loginaction.php
Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to the loginaction.php endpoint with crafted SQL payloads in the...
CVE-2019-25533
Netartmedia PHP Business Directory 4.2 is affected by an SQL injection in the loginaction.php Email field, enabling unauthenticated attackers to manipulate database queries. This can lead to sensitive data disclosure and potential authentication bypass. The vulnerability impact is described as hi...
CVE-2019-25533
Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to the loginaction.php endpoint with crafted SQL payloads in the...
CVE-2019-25532 Netartmedia Jobs Portal 6.1 SQL Injection via loginaction.php
Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with crafted SQL payloads in the Email field to extract...
CVE-2019-25532
CVE-2019-25532 affects Netartmedia Jobs Portal 6.1. The connected documents describe an SQL injection vulnerability where unauthenticated attackers can inject SQL through the Email field in loginaction.php via POST requests, enabling extraction of sensitive data or bypassing authentication. The r...
CVE-2019-25532 Netartmedia Jobs Portal 6.1 SQL Injection via loginaction.php
Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with crafted SQL payloads in the Email field to extract...
CVE-2019-25531 Netartmedia Deals Portal Lastest SQL Injection via loginaction.php
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authenticatio...
CVE-2019-25531 Netartmedia Deals Portal Lastest SQL Injection via loginaction.php
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authenticatio...
CVE-2019-25530 uHotelBooking System Lastest SQL Injection via system_page Parameter
uHotelBooking System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the systempage GET parameter. Attackers can send crafted requests to index.php with malicious systempage values using time-based blind SQ...
CVE-2019-25530
uHotelBooking System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the systempage GET parameter. Attackers can send crafted requests to index.php with malicious systempage values using time-based blind SQ...
CVE-2019-25530 uHotelBooking System Lastest SQL Injection via system_page Parameter
uHotelBooking System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the systempage GET parameter. Attackers can send crafted requests to index.php with malicious systempage values using time-based blind SQ...
CVE-2019-25529 Placeto CMS Alpha rv.4 SQL Injection via page Parameter
Placeto CMS Alpha rv.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'page' parameter. Attackers can send GET requests to the admin/edit.php endpoint with malicious 'page' values using boolean-based...
CVE-2019-25529 Placeto CMS Alpha rv.4 SQL Injection via page Parameter
Placeto CMS Alpha rv.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'page' parameter. Attackers can send GET requests to the admin/edit.php endpoint with malicious 'page' values using boolean-based...
CVE-2019-25528 Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the property1 parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL...
CVE-2019-25528 Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the property1 parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL...
CVE-2019-25527 Inout EasyRooms Ultimate Edition v1.0 SQL Injection via searchdetailed
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the numguest parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL payloa...