Phpsugar : Security Vulnerabilities, CVEs,
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
Max CVSS
9.8
EPSS Score
0.21%
Published
2018-01-09
Updated
2018-01-31
In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter.
Max CVSS
6.1
EPSS Score
0.08%
Published
2017-10-19
Updated
2017-11-07
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.
Max CVSS
9.8
EPSS Score
0.16%
Published
2017-10-18
Updated
2017-11-08
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.
Max CVSS
8.8
EPSS Score
0.08%
Published
2017-10-18
Updated
2017-11-08
In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
Max CVSS
9.8
EPSS Score
0.95%
Published
2017-10-24
Updated
2017-11-14
SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-08-20
Updated
2017-09-19
6 vulnerabilities found