• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2018-18488

February 26, 2023 by

In libadminactiondataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.

CVE-2018-18427

February 26, 2023 by

s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter or the POST data to member/member_login.php.

CVE-2018-18450

February 26, 2023 by

appsadmincontrollercontentSingleController.php in PbootCMS before V1.3.0 build 2018-11-12 has SQL Injection, as demonstrated by the POST data to the admin.php/Single/mod/mcode/1/id/3 URI.

CVE-2018-18399

February 26, 2023 by

SQL injection vulnerability in the “ContentPlaceHolder1_uxTitle” component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the “id” parameter.

CVE-2018-18285

February 26, 2023 by

SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the login interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.

CVE-2018-18286

February 26, 2023 by

SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 335
  • Go to page 336
  • Go to page 337
  • Go to page 338
  • Go to page 339
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE