8.8
CVE-2019-25540 - Netartmedia PHP Mall 4.1 Multiple SQL Injection
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attackers can craft malicious requests with SQL payloads to extract sensitive database information includingโฆ
8.8
CVE-2019-25539 - 202CMS v10 beta SQL Injection via register.php
202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log_user parameter. Attackers can send POST requests to index.php with crafted SQL payloads using time-based blind injection techniquesโฆ
8.8
CVE-2019-25538 - 202CMS v10 beta SQL Injection via log_user Parameter
202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log_user parameter. Attackers can send crafted requests with malicious SQL statements in the log_user field to extract sensitive database inโฆ
8.8
CVE-2019-25537 - Netartmedia Event Portal 2.0 SQL Injection via loginaction.php
Netartmedia Event Portal 2.0 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with malicious SQL payloads in the Email fโฆ
8.8
CVE-2019-25536 - Netartmedia PHP Real Estate Agency 4.0 SQL Injection via features parameter
Netartmedia PHP Real Estate Agency 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features[] parameter. Attackers can send POST requests to index.php with crafted SQL payloads in the featuresโฆ
8.8
CVE-2019-25535 - Netartmedia PHP Dating Site SQL Injection via loginaction.php
Netartmedia PHP Dating Site contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with time-based SQL injection payloads in the Email field toโฆ
8.8
CVE-2019-25534 - Netartmedia PHP Car Dealer SQL Injection via features parameter
Netartmedia PHP Car Dealer contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features[] parameter. Attackers can submit POST requests to index.php with crafted SQL payloads in the features[] parametโฆ
8.8
CVE-2019-25533 - Netartmedia PHP Business Directory 4.2 SQL Injection via loginaction.php
Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to the loginaction.php endpoint with crafted SQL payloads in the Emโฆ
8.8
CVE-2019-25532 - Netartmedia Jobs Portal 6.1 SQL Injection via loginaction.php
Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with crafted SQL payloads in the Email field to extract senโฆ
8.8
CVE-2019-25531 - Netartmedia Deals Portal Lastest SQL Injection via loginaction.php
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authentication โฆ