Lucene search
Php Melody Security Vulnerabilities - November
cve
In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
9.8CVSS
9.8AI Score
0.009EPSS
2017-10-24 06:29 AM
30
cve
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.
8.8CVSS
9.7AI Score
0.001EPSS
2017-10-18 02:29 AM
40
cve
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.
9.8CVSS
9.8AI Score
0.002EPSS
2017-10-18 02:29 AM
39
cve
In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter.
6.1CVSS
6AI Score
0.001EPSS
2017-10-19 10:29 PM
25
cve
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
9.8CVSS
9.9AI Score
0.002EPSS
2018-01-09 04:29 PM
24