5 matches found
CVE-2020-28092
PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team=Task=my=3=,?g=Team=Task=my=0=,?g=Team=Task=my=1=,?g=Team=Task=my=10=...
PESCMS TEAM 2.3.2 - Multiple Reflected XSS
Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.pescms.com/ Software Link: https://github.com/lazyphp/PESCMS-TEAM Version: PESCMS Team 2.3.2 CVE: CVE-2020-28092 PESCMS Team 2.3.2 has multiple reflected XSS via the id...
CVE-2020-28092
creationtimestamp| type| source ---|---|--- 2020-11-18 00:39:33+00:00| seen| https://t.me/cibsecurity/16486...
CVE-2020-28092
CVE-2020-28092 affects PESCMS Team 2.3.2 and manifests as multiple reflected XSS via the id parameter in endpoints like ?g=Team&m=Task&a=my&status=...&id= across several pages. Public references (Exploit-DB, Red Hat, CNVD, NVD, OSV, PRION, Pack et al.) corroborate the vulnerability, with exploit ...
Chengdu Aicheng Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2020-28092)
Chengdu Aicheng Technology Co., Ltd. is a company dedicated to the development of platforms for the communications industry and the sales and after-sales of network-related products. Chengdu Aicheng Technology Co., Ltd. station building system there is a SQL injection vulnerability, attackers can...