37 matches found

RedhatCVE
added 2026/01/09 10:45 a.m., 12 views

CVE-2022-0739

The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action available to unauthenticated users, leading to an unauthenticated SQL Injection...

9.8 CVSS, 7.3 AI score, 0.37171 EPSS
Exploits 11, References 1

RedhatCVE
added 2025/05/22 10:17 p.m., 8 views

CVE-2022-0867

The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users...

9.8 CVSS, 7.4 AI score, 0.12455 EPSS
Exploits 1, References 1

exploitpack
added 2018/05/23 12:0 a.m., 35 views

School Management System CMS 1.0 - username SQL Injection

School Management System CMS 1.0 - username SQL Injection Exploit Title: School Management System CMS 1.0 - Admin Login SQL Injection Dork: N/A Date: 23.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor : Wecodex Solutions Vendor Homepage:...

0.4 AI score
Exploits 0

0day.today
added 2017/11/15 12:0 a.m., 23 views

WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable DFD Reddcoin Tips Plugin 1.1.1 DFD Reddcoin Tips Plugin is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue...

7.1 AI score
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 17 views

MzK Blog Katgoster.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24909/info MzK Blog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.1 AI score
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 23 views

Quick Classifieds 1.0 - controlcenter/manager.php3 DOCUMENT_ROOT Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the applicati...

7.1 AI score
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 23 views

Programs Rating rate.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/35746/info Programs Rating Script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...

7.1 AI score
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 19 views

Jetbox CMS 2.1 - Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24077/info Jetbox is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...

7.1 AI score
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 21 views

mcGallery 1.1 - admin.php lang Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

7.1 AI score
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 9 views

okul siteleri 'com_mezun' Component SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27755/info 'okul siteleri' is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...

7.1 AI score
Exploits 0

exploitpack
added 2012/10/18 12:0 a.m., 13 views

Amateur Photographers Image Gallery - force-download.php?File Information Disclosure

Amateur Photographers Image Gallery - force-download.php?File Information Disclosure source: https://www.securityfocus.com/bid/56110/info Amateur Photographer's Image Gallery is prone to multiple SQL injection vulnerabilities, a cross-site scripting vulnerability, and an arbitrary file-disclosure...

7.2 AI score
Exploits 0

exploitpack
added 2012/09/30 12:0 a.m., 22 views

AlamFifa CMS - user_name_cookie SQL Injection

AlamFifa CMS - user_name_cookie SQL Injection source: https://www.securityfocus.com/bid/55746/info AlamFifa CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

0.7 AI score
Exploits 0

Exploit DB
added 2012/01/09 12:0 a.m., 33 views

Clipbucket 2.6 - 'view_item.php?type' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51321/info ClipBucket is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal...

7.4 AI score
Exploits 0

exploitpack
added 2011/09/21 12:0 a.m., 14 views

OneCMS 2.6.4 - Multiple SQL Injections

OneCMS 2.6.4 - Multiple SQL Injections source: https://www.securityfocus.com/bid/49733/info OneCMS is prone to multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...

0.3 AI score
Exploits 0

Exploit DB
added 2011/08/03 12:0 a.m., 65 views

Joomla! Component com_community - 'userid' SQL Injection

source: https://www.securityfocus.com/bid/48983/info The 'com_community' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.4 AI score
Exploits 0

exploitpack
added 2011/02/21 12:0 a.m., 15 views

IBM Lotus Sametime - stconf.nsfWebMessage?messageString Cross-Site Scripting

IBM Lotus Sametime - stconf.nsfWebMessage?messageString Cross-Site Scripting source: https://www.securityfocus.com/bid/46471/info IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this...

6.8 AI score
Exploits 0

OpenVAS
added 2010/10/21 12:0 a.m., 19 views

DeluxeBB 'xthedateformat' Parameter SQL Injection Vulnerability

DeluxeBB is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...

6.8 CVSS, 0.3 AI score, 0.01181 EPSS
Exploits 1, References 3

Exploit DB
added 2010/03/23 12:0 a.m., 22 views

Joomla! Component com_aml_2 - 'art' SQL Injection

source: https://www.securityfocus.com/bid/38914/info The 'com_aml_2' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.4 AI score
Exploits 0

Exploit DB
added 2009/11/25 12:0 a.m., 30 views

Joomla! Component com_mygallery - 'cid' SQL Injection

Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla com_mygallery 0 The 'com_mygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied...

7.4 AI score
Exploits 0

Exploit DB
added 2009/10/05 12:0 a.m., 19 views

Joomla! Component CB Resume Builder - 'group_id' SQL Injection

source: https://www.securityfocus.com/bid/36598/info The CB Resume Builder 'com_cbresumebuilder' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

7.4 AI score
Exploits 0