22 matches found
CVE-2022-50893
VIAVIWEB Wallpaper Admin 1.0 contains an unauthenticated remote code execution vulnerability in the image upload functionality. Attackers can upload a malicious PHP file through the addgalleryimage.php endpoint to execute arbitrary code on the server...
CVE-2022-50892
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized access to the administrative interface...
CVE-2022-50894
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the imgid parameter. Attackers can send GET requests to editgalleryimage.php with malicious imgid values to extract database...
CVE-2022-50894
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the imgid parameter. Attackers can send GET requests to editgalleryimage.php with malicious imgid values to extract database...
CVE-2022-50894
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the imgid parameter. Attackers can send GET requests to editgalleryimage.php with malicious imgid values to extract database...
CVE-2022-50892
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized access to the administrative interface...
CVE-2022-50892
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized access to the administrative interface...
CVE-2022-50894 VIAVIWEB Wallpaper Admin 1.0 SQL Injection via edit_gallery_image.php
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the imgid parameter. Attackers can send GET requests to editgalleryimage.php with malicious imgid values to extract database...
CVE-2022-50894
The CVE-2022-50894 issue affects VIAVIWEB Wallpaper Admin 1.0. The connected documents confirm an SQL injection vulnerability in the img_id parameter of the edit_gallery_image.php endpoint, which authenticated attackers can exploit to manipulate database queries and extract information. The root ...
CVE-2022-50893 VIAVIWEB Wallpaper Admin 1.0 - Code Execution via Image Upload
VIAVIWEB Wallpaper Admin 1.0 contains an unauthenticated remote code execution vulnerability in the image upload functionality. Attackers can upload a malicious PHP file through the addgalleryimage.php endpoint to execute arbitrary code on the server...
CVE-2022-50893
VIAVIWEB Wallpaper Admin 1.0 is affected by an unauthenticated remote code execution via image upload. The flaw resides in the image upload endpoint (add_gallery_image.php) where an attacker can upload a malicious PHP file to execute arbitrary code on the server. Affected product is VIAVIWEB Wall...
CVE-2022-50893 VIAVIWEB Wallpaper Admin 1.0 - Code Execution via Image Upload
VIAVIWEB Wallpaper Admin 1.0 contains an unauthenticated remote code execution vulnerability in the image upload functionality. Attackers can upload a malicious PHP file through the addgalleryimage.php endpoint to execute arbitrary code on the server...
CVE-2022-50892 VIAVIWEB Wallpaper Admin 1.0 - SQL Injection via Login Page
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized access to the administrative interface...
CVE-2022-50892 VIAVIWEB Wallpaper Admin 1.0 - SQL Injection via Login Page
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized access to the administrative interface...
CVE-2022-50892
VIAVIWEB Wallpaper Admin 1.0 is affected by a SQL injection on the login page that bypasses authentication. The login credentials can be manipulated (e.g., payloads like 'admin' or 1=1--) to gain unauthorized access to the administrative interface. Reported in multiple sources (including Red Hat’...
VIAVIWEB Wallpaper Admin SQL注入漏洞
VIAVIWEB Wallpaper Admin is a mobile application backend management system from VIAVIWEB India. A SQL injection vulnerability exists in VIAVIWEB Wallpaper Admin version 1.0, which stems from a SQL injection vulnerability in the imgid parameter that could lead to the extraction of database...
VIAVIWEB Wallpaper Admin 代码问题漏洞
VIAVIWEB Wallpaper Admin is a mobile application backend management system from VIAVIWEB India. A code issue vulnerability exists in VIAVIWEB Wallpaper Admin version 1.0, which stems from an unauthenticated remote code execution vulnerability in the image upload functionality that could lead to t...
PT-2026-2368
Name of the Vulnerable Software and Affected Versions VIAVIWEB Wallpaper Admin version 1.0 Description The software contains a SQL injection issue that allows attackers to bypass authentication. Attackers can manipulate login credentials, specifically by injecting a payload such as 'admin' or 1=1...
VIAVIWEB Wallpaper Admin SQL注入漏洞
VIAVIWEB Wallpaper Admin is a mobile application backend management system from VIAVIWEB India. A SQL injection vulnerability exists in VIAVIWEB Wallpaper Admin version 1.0, which stems from a SQL injection vulnerability in the login credentials that could lead to bypassing authentication...
VIAVIWEB Wallpaper Admin 1.0 - Multiple Vulnerabilities
Exploit Title: VIAVIWEB Wallpaper Admin 1.0 - Multiple Vulnerabilities Google Dork: intext:"Wallpaper Admin" "LOGIN" "password" "Username" Exploit Author: Edd13Mora Vendor Homepage: www.viaviweb.com Version: N/A Tested on: Windows 11 - Kali Linux ------------------ SQLI on the Login page...