SQL Injection vulnerability in Hucart CMS 5.7.4 via the basic information field found in the avatar usd_image field.
CWE-89
CVE-2020-18477
SQL Injection vulnerability in Hucart CMS 5.7.4 via the purchase enquiry field found in the Message con_content field.
CVE-2020-18544
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the “username” parameter in the component “chkuser.php”.
CVE-2020-18262
ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter.
CVE-2020-18263
PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. This vulnerability allows attackers to access sensitive database information.
CVE-2020-18144
SQL Injection Vulnerability in ECTouch v2 via the integral_min parameter in index.php.
