Page 3 of 34 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. Vulnerabilidad de inyección SQL en viewcat.php del módulo Photo 3.02 para RunCMS permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cid. • https://www.exploit-db.com/exploits/5290 http://secunia.com/advisories/29513 http://www.securityfocus.com/bid/28395 https://exchange.xforce.ibmcloud.com/vulnerabilities/41378 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 2

SQL injection vulnerability in the sections (Section) module in RunCMS allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle action. Vulnerabilidad de inyección SQL en el módulo secciones (Section) de RunCMS permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro artid en una acción viewarticle. • https://www.exploit-db.com/exploits/5285 http://www.securityfocus.com/bid/28378 https://exchange.xforce.ibmcloud.com/vulnerabilities/41377 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. Vulnerabilidad de inyección SQL en index.php del módulo MyAnnonces 1.7 y versiones anteriores para RunCMS permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cid en una acción view. • https://www.exploit-db.com/exploits/5156 http://www.securityfocus.com/bid/27902 http://www.vupen.com/english/advisories/2008/0619 https://exchange.xforce.ibmcloud.com/vulnerabilities/40861 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 2

SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter. Vulnerabilidad de inyección SQL en index.php del módulo Newbb_plus 0.92 y anteriores para RunCMS 1.6.1 permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro Client-Ip. • https://www.exploit-db.com/exploits/4845 http://secunia.com/advisories/28340 http://www.securityfocus.com/bid/27152 https://exchange.xforce.ibmcloud.com/vulnerabilities/39478 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 4

Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the lid parameter to (1) brokenfile.php, (2) visit.php, or (3) ratefile.php in modules/mydownloads/; or (4) ratelink.php, (5) modlink.php, or (6) brokenlink.php in modules/mylinks/. Múltiples vulnerabilidades de inyección SQL en RunCMS anterior a 1.6.1 permiten a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro lid de (1) brokenfile.php, (2) visit.php, o (3) ratefile.php in modules/mydownloads/; o (4) ratelink.php, (5) modlink.php, o (6) brokenlink.php in modules/mylinks/. • https://www.exploit-db.com/exploits/4787 https://www.exploit-db.com/exploits/4792 http://osvdb.org/41235 http://osvdb.org/41236 http://osvdb.org/41237 http://osvdb.org/41238 http://osvdb.org/41239 http://osvdb.org/41240 http://securityreason.com/securityalert/3493 http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131 http://www.securityfocus.com/archive/1/485512/100/0/threaded http://www.securityfocus.com/bid/27019 https://exchange.xforce.ibmcl • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •