lemon666/vuln

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-18215 ↗	Feb 9, 2021Tuesday, 9 February 2021, 19:15	8.8 HIGH	6.5 MEDIUM
Multiple SQL Injection vulnerabilities in PHPSHE 1.7 in phpshe/admin.php via the (1) ad_id, (2) menu_id, and (3) cashout_id parameters, which could let a remote malicious user execute arbitrary code.
CVE-2017-12789 ↗	May 10, 2019Friday, 10 May 2019, 15:29	—	6.8 MEDIUM
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state.
CVE-2017-12790 ↗	May 9, 2019Thursday, 9 May 2019, 17:29	—	4.3 MEDIUM
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/index.php. The attack vector is: The administrator clicks on the malicious link in the login state.
CVE-2017-12788 ↗	May 9, 2019Thursday, 9 May 2019, 15:29	—	4.3 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in Metinfo 5.3.18 allows remote attackers to inject arbitrary web script or HTML via the (1) class1 parameter or the (2) anyid parameter.