9 matches found
CVE-2024-11493
CVE-2024-11493 affects 115cms up to 20240807. The vulnerability is in the file /index.php/setpage/admin/pageAE.html, caused by manipulation of the tid parameter that leads to a cross-site scripting (XSS) issue. The flaw can be triggered remotely and, per sources, the exploit has been publicly dis...
CVE-2024-11491
CVE-2024-11491 affects 115cms (up to version 20240807). Affected component: file /index.php/admin/web/useradmin.html. Root cause: manipulation of the ks argument enables cross-site scripting (XSS). Exploitation can be remote; the exploit has been disclosed publicly. Evidence in PT-2024-17030 and ...
115cms 代码注入漏洞
115cms is a multi-module intelligent website builder from Guizhou Forxin Technology 115cms Company in China. A code injection vulnerability exists in 115cms version 20240807 and earlier versions, which stems from the incorrect operation of the parameter tid that can lead to cross-site scripting...
PT-2024-17026 · 115Cms · 115Cms
Name of the Vulnerable Software and Affected Versions: 115cms versions up to 20240807 Description: A vulnerability was found in the processing of the file /app/admin/view/web user.html, where the manipulation of the argument ks leads to cross-site scripting. The attack may be initiated remotely...
115cms 代码注入漏洞
115cms is a multi-module intelligent website builder from Guizhou Forxin Technology 115cms Company in China. A code injection vulnerability exists in 115cms version 20240807 and earlier versions, which stems from an incorrect operation of the parameter ks that can lead to cross-site scripting...
PT-2024-17030 · 115Cms · 115Cms
Name of the Vulnerable Software and Affected Versions: 115cms versions up to 20240807 Description: A vulnerability was found in some unknown functionality of the file /index.php/admin/web/useradmin.html. The manipulation of the ks argument leads to cross-site scripting. The attack may be launched...
PT-2024-17027 · 115Cms · 115Cms
Name of the Vulnerable Software and Affected Versions: 115cms up to 20240807 Description: A vulnerability was found in an unknown function of the file /index.php/admin/web/file.html, which can be exploited to launch a cross-site scripting attack remotely by manipulating the ks argument. The explo...
PT-2024-17029 · 115Cms · 115Cms
Name of the Vulnerable Software and Affected Versions: 115cms up to 20240807 Description: A vulnerability was found in an unknown functionality of the file /index.php/admin/web/set.html. The manipulation of the type argument leads to cross-site scripting. The attack can be launched remotely...
115cms 代码注入漏洞
115cms is a multi-module intelligent website builder from Guizhou Forxin Technology 115cms Company in China. A code injection vulnerability exists in 115cms version 20240807 and earlier versions, which stems from an incorrect operation of the parameter ks that can lead to cross-site scripting...