EUVD-2006-1092

Malware in sbrugna...

CVE-2020-18662

SQL Injection vulnerability in gnuboard5 =v5.3.2.8 via the tableprefix parameter in installdb.php...

📄 Gnuboard5 5.3.2.8 SQL Injection

Gnuboard5 versions 5.3.2.8 and below suffer from a remote SQL injection vulnerability. Exploit Title: Gnuboard5 = 5.3.2.8 SQL Injection via tableprefix Parameter Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/gnuboard/gnuboard5 Software Link:...

Gnuboard5 5.3.2.8 - SQL Injection

Exploit Title: Gnuboard5 5.3.2.8 - SQL Injection Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/gnuboard/gnuboard5 Software Link: https://github.com/gnuboard/gnuboard5 Version: 5.3.2.8 Tested on: Ubuntu Windows CVE : CVE-2020-18662 PoC: 1 POST /install/installdb.p...

Sql injection

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'tableprefix' parameter in version 0.9.68 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-1981

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'tableprefix' parameter in version 0.9.68 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

GNUBOARD5 SQL Injection Vulnerability

GNUBOARD5 is a Web forum system based on PHP and MySQL. A SQL injection vulnerability exists in GNUBOARD5 5.3.2.8 and earlier versions. The vulnerability can be exploited to conduct SQL injection attacks via the tableprefix parameter in installdb.php...

CVE-2020-18662

SQL Injection vulnerability in gnuboard5 =v5.3.2.8 via the tableprefix parameter in installdb.php...

CVE-2020-18662

SQL Injection vulnerability in gnuboard5 =v5.3.2.8 via the tableprefix parameter in installdb.php...

CVE-2015-6528

Multiple cross-site scripting XSS vulnerabilities in installclassic.php in Coppermine Photo Gallery CPG 1.5.36 allow remote attackers to inject arbitrary web script or HTML via the 1 adminusername, 2 adminpassword, 3 adminemail, 4 dbserver, 5 dbname, 6 dbuser, 7 dbpass, 8 tableprefix, or 9 impath...

WordPress A To Z Category Listing 1.3 SQL Injection

Exploit Title: WordPress A to Z Category Listing plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $initletter = $GET'R'; $sql = "select from ".$tableprefix."terms wpt,".$tableprefix."termtaxonomy wptt where wpt.name like...

CVE-2006-4877

Variable overwrite vulnerability in David Bennett PHP-Post PHPp 1.0 and earlier allows remote attackers to overwrite arbitrary program variables via multiple vectors that use the extract function, as demonstrated by the tableprefix parameter in 1 index.php, 2 profile.php, and 3 header.php...

Information disclosure

PHP-Stats 0.1.9.1 and earlier allows remote attackers to obtain potentially sensitive information via a direct request to checktables.php, which lists the database tableprefix...