12/30/2023 0 Comments Zend studio 13.0.1Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement. SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter in detail.php and the (2) group_price or groupid parameters in search_result.php. rk-responsive-contact-form/include/rk_user_list.php. Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't sanitized before being passed into an SQL query in file. wordpress-gallery-transformation/gallery.php via $jpic parameter being unsanitized before being passed into an SQL query. Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in. Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query. SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php. Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query. easy-team-manager/inc/easy_team_manager_desc_edit.php Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code does not sanitize id before making it part of an SQL statement in file. SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php. Due to framework restrictions, only some information can be obtained. ![]() SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable. SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter. Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via (1) the job parameter to index.php in the search module or (2) the news_id parameter to index.php. Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter. SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter.ĭomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.īeauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.Įntrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter. Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter. SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php. Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter. custom route for N categories + object like category/subcategory/./page.FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter.need custom route for level N categories like category/subcategory/subsubcategory/. ![]() ![]() I'll post it here for people who anycodings_php will end up in the same thing I got anycodings_php into. I found a solution that I think fits my anycodings_php needs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |