CVE-2019-25668

News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the news ID parameter. Attackers can send GET requests to index.php/show/news/ with malicious SQL statements to extract sensitive...

CVE-2019-25668

News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the news ID parameter. Attackers can send GET requests to index.php/show/news/ with malicious SQL statements to extract sensitive...

CVE-2019-25668

CVE-2019-25668 affects News Website Script 2.0.5. The vulnerability is an SQL injection in the news ID parameter, exploitable via GET requests to index.php/show/news/. Unauthenticated attackers can manipulate queries and potentially extract sensitive data. Metrics indicate high impact on confiden...

CVE-2019-25668 News Website Script 2.0.5 SQL Injection via index.php

News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the news ID parameter. Attackers can send GET requests to index.php/show/news/ with malicious SQL statements to extract sensitive...

News Website Script SQL注入漏洞

News Website Script is a website-building system script from the PHP Scripts Mall community. Version 2.0.5 of News Website Script contains an SQL injection vulnerability. This vulnerability stems from the SQL injection in the news ID parameter, which could allow unverified attackers to manipulate...

EUVD-2017-8771

Malware in sbrugna...

EUVD-2018-18672

Malware in sbrugna...

SourceCodester Pet Grooming Management Software 代码问题漏洞

SourceCodester Pet Grooming Management Software is an open source pet grooming management system from SourceCodester. A code issue vulnerability exists in version 1.0 of SourceCodester Pet Grooming Management Software, which stems from an arbitrary file upload vulnerability in the managewebsite.p...

CVE-2023-39067

Cross Site Scripting vulnerability in ZLMediaKiet v.4.0 and v.5.0 allows an attacker to execute arbitrary code via a crafted script to the URL...

CVE-2022-37184

The application managewebsite.php on Garage Management System 1.0 is vulnerable to Shell File Upload. The already authenticated malicious user, can upload a dangerous RCE or LCE exploit file...

Matri4Web Matrimony Web Script SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Matrimony Website Script - Multiple SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.matri4web.com Demo Site: https://www.matrimonydemo.com Version: M-Plus Tested on: Kali Linux CVE: N/A ----- PoC 1:...

Jettweb PHP Hazir Haber Sitesi Scripti 1 SQL Injection

Exploit Title: Jettweb PHP Hazır Haber Sitesi Scripti V1 - Multiple Vulnerabilities Date: 23.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-5-php-hazir-haber-sitesi-scripti-v1.html Demo Site: http://haberv1.proemlaksitesi.net Version: V1 Tested on: Kali Linux CVE...

Matri4Web Matrimony Website Script - Multiple SQL Injection

Exploit Title: Matrimony Website Script - Multiple SQL Injection Date: 22.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.matri4web.com Demo Site: https://www.matrimonydemo.com Version: M-Plus Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...

News Website Script 2.0.5 - SQL Injection

News Website Script 2.0.5 - SQL Injection Exploit Title: News Website Script 2.0.5 - SQL Injection Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 22, 2019 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link :...

CVE-2019-9063

PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount...

CVE-2018-15897

PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn...

CVE-2018-11501

PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via usersubmit.php?upd=2, with resultant XSS...

CVE-2018-6928

PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term...

CVE-2018-6928

PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term...

CVE-2018-6928

CVE-2018-6928 affects PHP Scripts Mall News Website Script 2.0.4, with a SQL Injection vulnerability in the search term parameter. Root cause is improper handling of user input allowing unauthorized SQL execution. Impact per sources is high: potential leakage of data, data alteration, and disrupt...