15 matches found
CVE-2018-25420 AiOPMSD Final 1.0.0 SQL Injection via watch.php
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to watch.php with crafted SQL payloads to extract sensitive database informati...
EUVD-2017-7031
Malware in sbrugna...
CVE-2023-41884
ZoneMinder is a free, open source Closed-circuit television software application. In WWW/AJAX/watch.php, Line: 51 takes a few parameter in sql query without sanitizing it which makes it vulnerable to sql injection. This vulnerability is fixed in 1.36.34...
CVE-2023-41884 ZoneMinder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in watch.php
ZoneMinder is a free, open source Closed-circuit television software application. In WWW/AJAX/watch.php, Line: 51 takes a few parameter in sql query without sanitizing it which makes it vulnerable to sql injection. This vulnerability is fixed in 1.36.34...
CVE-2023-41884 ZoneMinder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in watch.php
ZoneMinder is a free, open source Closed-circuit television software application. In WWW/AJAX/watch.php, Line: 51 takes a few parameter in sql query without sanitizing it which makes it vulnerable to sql injection. This vulnerability is fixed in 1.36.34...
PT-2024-13007 · Unknown +2 · Zoneminder +2
Name of the Vulnerable Software and Affected Versions: ZoneMinder versions prior to 1.36.34 Description: The issue is related to a SQL injection vulnerability in the ZoneMinder application. Specifically, the watch.php file takes a few parameters in an SQL query without proper sanitization, making...
CVE-2023-2037
A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been classified as critical. This affects an unknown part of the file watch.php. The manipulation of the argument code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2023-2037 Campcodes Video Sharing Website watch.php sql injection
A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been classified as critical. This affects an unknown part of the file watch.php. The manipulation of the argument code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2023-2037
CVE-2023-2037 affects Campcodes Video Sharing Website 1.0, with the vulnerability located in watch.php where the code parameter can be manipulated to trigger a SQL injection. The issue is exploitable remotely and, according to the connected sources, the vulnerability has been disclosed publicly. ...
PT-2023-17433 · Unknown · Campcodes Video Sharing Website
Name of the Vulnerable Software and Affected Versions: Campcodes Video Sharing Website version 1.0 Description: A critical issue has been found, affecting an unknown part of the file watch.php. The manipulation of the code argument leads to SQL injection. It is possible to initiate the attack...
replicashop.ru XSS vulnerability
Open Bug Bounty ID: OBB-620110 Description| Value ---|--- Affected Website:| replicashop.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
PHPSUGAR PHP Melody SQL Injection Vulnerability (CNVD-2017-32540)
PHPSUGAR PHP Melody is a PHP-based content management system for video websites. A SQL injection vulnerability exists in PHPSUGAR PHP Melody versions prior to 2.7.3. A remote attacker can perform a display list operation on the watch.php file and exploit the vulnerability to execute arbitrary SQL...
CVE-2017-15579
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aapagesperpage cookie in a playlist action to watch.php...
CVE-2017-15579
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aapagesperpage cookie in a playlist action to watch.php...
CVE-2017-15579
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aapagesperpage cookie in a playlist action to watch.php...