12 matches found
CVE-2026-27470
ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.37 and below and 1.37.61 through 1.38.0, there is a second-order SQL Injection vulnerability in the web/ajax/status.php file within the getNearEvents function. Event field values specifically Name a...
XWiki Contrib Mocca Calendar Application 跨站脚本漏洞
XWiki Contrib Mocca Calendar Application is an open source XWiki plugin for XWiki Contrib. A cross-site scripting vulnerability exists in XWiki Contrib Mocca Calendar Application versions prior to 2.15, which stems from cross-site scripting in the title of the View Events page...
NetIQ Sentinel Information Disclosure Vulnerability (CNVD-2018-06631)
NetIQ Sentinel is a security information and event management SIEM solution from US-based NetIQ. The solution collects, stores and analyzes log data and reports on it, as well as analyzing security event data in real time. A security vulnerability exists in NetIQ Sentinel versions prior to 8.1.x...
CVE-2018-6585
SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filtercreator or filtereventscat parameter...
CVE-2018-6585
SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filtercreator or filtereventscat parameter...
Buddy Zone <= 1.5 - Multiple SQL Injection Vulnerabilities
No description provided by source. --==+================================================================================+==-- --==+ Buddy Zone Version 1.5 And Prior SQL Injection Vulnerability +==-- --==+================================================================================+==-- AUTHOR:...
joomla component memorybook 1.2 - Multiple Vulnerabilities
No description provided by source. SQL Injection ------------- requires: magic quotes OFF, user account Add this as the description of a new event: ', 63,SELECT CONCATusername,0x20,email FROM users WHERE gid=25 LIMIT 1,1,1,1 -- ' NOTE: 63 MUST be your Joomla user ID. extracted info can be found o...
Joomla MemoryBook 1.2 SQL Injection / RFI
SQL Injection ------------- requires: magic quotes OFF, user account Add this as the description of a new event: ', 63,SELECT CONCATusername,0x20,email FROM users WHERE gid=25 LIMIT 1,1,1,1 -- ' NOTE: 63 MUST be your Joomla user ID. extracted info can be found on View Events page Remote File...
Joomla! Component memorybook 1.2 - Multiple Vulnerabilities
Joomla! Component memorybook 1.2 - Multiple Vulnerabilities SQL Injection ------------- requires: magic quotes OFF, user account Add this as the description of a new event: ', 63,SELECT CONCATusername,0x20,email FROM users WHERE gid=25 LIMIT 1,1,1,1 -- ' NOTE: 63 MUST be your Joomla user ID...
Joomla! Component memorybook 1.2 - Multiple Vulnerabilities
SQL Injection ------------- requires: magic quotes OFF, user account Add this as the description of a new event: ', 63,SELECT CONCATusername,0x20,email FROM users WHERE gid=25 LIMIT 1,1,1,1 -- ' NOTE: 63 MUST be your Joomla user ID. extracted info can be found on View Events page Remote File...
Joomla Component MemoryBook 1.2 Multiple Vulnerabilities
No description provided by source. SQL Injection ------------- requires: magic quotes OFF, user account Add this as the description of a new event: ', 63,SELECT CONCATusername,0x20,email FROM users WHERE gid=25 LIMIT 1,1,1,1 -- ' NOTE: 63 MUST be your Joomla user ID. extracted info can be found o...
Joomla Component MemoryBook 1.2 Multiple Vulnerabilities
Exploit for unknown platform in category web applications ======================================================== Joomla Component MemoryBook 1.2 Multiple Vulnerabilities ======================================================== SQL Injection ------------- requires: magic quotes OFF, user account...