A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and...
6.5CVSS
6.6AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at...
8.8CVSS
8.9AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
8.8CVSS
8.9AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at...
8.8CVSS
8.9AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted...
8.8CVSS
8.9AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at...
9.8CVSS
9.7AI Score
0.002EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
Cscms 4.1 is vulnerable to SQL Injection. Log into the background, open the song module, create a new song, delete it to the recycle bin, and SQL injection security problems will occur when emptying the recycle...
8.8CVSS
9AI Score
0.001EPSS
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component...
7.2CVSS
7.2AI Score
0.001EPSS
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component...
7.2CVSS
7.2AI Score
0.001EPSS
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component...
7.2CVSS
7.2AI Score
0.001EPSS
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component...
7.2CVSS
7.2AI Score
0.001EPSS
Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component...
7.2CVSS
7.3AI Score
0.001EPSS
Cscms Music Portal System v4.2 was discovered to contain a redirection vulnerability via the backurl...
5.4CVSS
5.5AI Score
0.001EPSS
9.8CVSS
9.9AI Score
0.002EPSS
9.8CVSS
9.9AI Score
0.002EPSS
An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute force...
9.8CVSS
9.3AI Score
0.002EPSS
A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows attackers to execute arbitrary...
9.8CVSS
9.8AI Score
0.008EPSS
An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF vulnerability that can change the payment account to redirect...
6.5CVSS
6.4AI Score
0.001EPSS
8.1CVSS
8AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.002EPSS
CScms 4.1 allows remote code execution, as demonstrated by 1');eval($_POST[cmd]);# in Web Name to...
9.8CVSS
9.5AI Score
0.07EPSS
CScms 4.1 allows arbitrary file upload by (for example) adding the php extension to the default filetype list (gif, jpg, png), and then providing a .php pathname within fileurl JSON...
9.8CVSS
9.3AI Score
0.008EPSS
6.1CVSS
5.9AI Score
0.001EPSS
8.8CVSS
8.6AI Score
0.001EPSS
Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via...
8.8CVSS
8.6AI Score
0.001EPSS
An issue was discovered in Cscms V4.1.8. There is a CSRF vulnerability that can modify a website's basic configuration via...
6.5CVSS
6.5AI Score
0.001EPSS
An issue was discovered in CScms v4.1. A Cross-site request forgery (CSRF) vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via...
8.8CVSS
8.8AI Score
0.002EPSS