6 matches found
CVE-2024-48573
A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature...
CVE-2024-48572
A User enumeration vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to obtain email addresses via the "Add a user" feature. The vulnerability occurs due to insufficiently validated user input being processed as a regular expression, which is then matched against emai...
AquilaCMS 安全漏洞
AquilaCMS is a complete multipurpose open source CMS from the AquilaCMS team. A security vulnerability exists in AquilaCMS version 1.409.20 and prior versions that originates from user input that is not adequately validated by the Add a user feature. This allows an unauthenticated attacker to...
PT-2024-33151 · Aquilacms · Aquilacms
Name of the Vulnerable Software and Affected Versions: AquilaCMS versions 1.409.20 and prior Description: The issue arises from insufficient validation of user input, which is processed as a regular expression to find duplicate email addresses via the "Add a user" feature, allowing unauthenticate...
PT-2024-33152 · Aquilacms · Aquilacms
Name of the Vulnerable Software and Affected Versions: AquilaCMS versions 1.409.20 and prior Description: A NoSQL injection issue allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature. Recommendations: For versions 1.409.20 and prior, ...
AquilaCMS 安全漏洞
AquilaCMS is a complete multipurpose open source CMS from the AquilaCMS team. A security vulnerability exists in AquilaCMS version 1.409.20 and prior versions, which stems from the Reset password feature containing a SQL injection vulnerability...