📦 Navigatecms

This SQL injection vulnerability in NavigateCMS allows attackers to execute arbitrary SQL queries through the 'products-order' parameter in product.php. It affects all users running NavigateCMS versio...

This SQL injection vulnerability in NavigateCMS allows attackers to execute arbitrary SQL queries through the 'id' parameter in product.php. Attackers can potentially read, modify, or delete database ...

CVE-2021-37478 is a SQL injection vulnerability in NavigateCMS that allows attackers to execute arbitrary SQL queries through the 'block-order' parameter in the 'block' function. This affects all user...

This vulnerability allows remote attackers to upload and execute arbitrary PHP code on Navigate CMS servers by exploiting insufficient file extension validation in ZIP archive processing. It affects a...