4 matches found
CVE-2024-32337
A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ADMIN LOGIN URL parameter under the Security module...
GHSA-V435-PFJ6-68R3 Cross-site Scripting in JFinal
Cross Site Scripting XSS vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter...
JFinal Cross-Site Scripting Vulnerability
JFinal is a Java language based WEB + ORM open source framework. A cross-site scripting vulnerability exists in JFinal version 5.0.0, which originates from allowing an attacker to run arbitrary code via the /admin/login password parameter...
LAOBANCMS SQL Injection Vulnerability
Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 has a SQL injection vulnerability. Attackers can exploit this vulnerability through the admin/login.php guanliyuan parameter for SQL...