zhangjiale

4 exploits Active since Dec 2024
CVE-2024-12788 WRITEUP HIGH WRITEUP
Codezips Technical Discussion Forum 1.0 - SQL Injection via signinpost.php Username Parameter
A vulnerability was found in Codezips Technical Discussion Forum 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file signinpost.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2024-12791 WRITEUP HIGH WRITEUP
Codezips E-Commerce Site 1.0 - SQL Injection via Email Parameter in signin.php
A vulnerability was found in Codezips E-Commerce Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file signin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2024-12792 WRITEUP HIGH WRITEUP
Codezips E-Commerce Site 1.0 - SQL Injection via newadmin.php Email Parameter
A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file newadmin.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2024-12794 WRITEUP MEDIUM WRITEUP
Codezips E-Commerce Site 1.0 - SQL Injection via dstatus/quantity/ddate Parameters
A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3