Lucene search
K

89 matches found

Cvelist
Cvelist
added 2023/05/08 12:0 a.m.21 views

CVE-2020-22334

Cross Site Request Forgery CSRF vulnerability in beescms v4 allows attackers to delete the administrator account via crafted request to /admin/adminadmin.php...

6.6AI score0.00367EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/05/08 12:0 a.m.5 views

BEESCMS 跨站请求伪造漏洞

BEESCMS is a PHP and MySQL based, scalable content management system CMS. A security vulnerability exists in version v4 of BEESCMS that stems from the presence of a cross-site request forgery CSRF vulnerability that allows an attacker to delete an administrator account via a crafted request...

6.5CVSS6.3AI score0.00367EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/05/08 12:0 a.m.4 views

PT-2023-11615 · Beescms · Beescms

Name of the Vulnerable Software and Affected Versions: beescms version 4 Description: A Cross Site Request Forgery CSRF issue allows attackers to delete the administrator account via a crafted request to "/admin/admin admin.php". This can be exploited by sending a malicious request to the specifi...

6.5CVSS6.4AI score0.00367EPSS
Exploits1References4
CVE
CVE
added 2023/05/08 12:0 a.m.41 views

CVE-2020-22334

CVE-2020-22334 describes a CSRF vulnerability in beescms v4 that enables an attacker to delete the administrator account via a crafted request to /admin/admin_admin.php. The cited CVSS 3.1 entry (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) scores 6.5 (Medium). Exploitation details are not provided in th...

6.5CVSS6.5AI score0.00367EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2021/11/09 12:0 a.m.18 views

BEESCMS arbitrary file upload vulnerability

BEESCMS is a template program completely separated, using PHP MYSQL technology development, with powerful SEO features, simple operation of the self-service building system. BEESCMS version 4.0 /admin/upload.php in the arbitrary file upload vulnerability. The vulnerability can be exploited by...

8.8CVSS4.4AI score0.01302EPSS
Exploits1References1
NVD
NVD
added 2021/11/08 9:15 p.m.30 views

CVE-2020-23572

BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...

8.8CVSS0.01302EPSS
Exploits1References1
OSV
OSV
added 2021/11/08 9:15 p.m.4 views

CVE-2020-23572

BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...

8.8CVSS6AI score0.01302EPSS
Exploits1References1
Prion
Prion
added 2021/11/08 9:15 p.m.13 views

Privilege escalation

BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...

6.8CVSS8.9AI score0.01302EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/11/08 8:46 p.m.28 views

CVE-2020-23572

BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...

8.9AI score0.01302EPSS
Exploits1References1
CVE
CVE
added 2021/11/08 8:46 p.m.47 views

CVE-2020-23572

CVE-2020-23572 concerns BEESCMS v4.0, where an arbitrary file upload vulnerability in the /admin/upload.php component enables attackers to execute arbitrary code via a crafted image file. Multiple sources (NVD, Red Hat, CNVD, CVE listings) confirm the issue and its impact; CVSSv3.1 base score is ...

8.8CVSS8.9AI score0.01302EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/11/08 12:0 a.m.6 views

BEESCMS 代码问题漏洞

BEESCMS is a template program completely separated, using PHP MYSQL technology development, with powerful SEO features, simple operation of the self-service building system. BEESCMS version 4.0 /admin/upload.php in the arbitrary file upload vulnerability. The vulnerability can be exploited by...

8.8CVSS6.2AI score0.01302EPSS
Exploits1References2
CNVD
CNVD
added 2020/11/03 12:0 a.m.2 views

BEESCMS enterprise website management system suffers from arbitrary file deletion vulnerability (CNVD-2020-64782)

BEESCMS enterprise website management system is a PHP + MYSQL, multi-language system, the content module is easy to expand, the template style. BEESCMS enterprise website management system has an arbitrary file deletion vulnerability. An attacker can exploit the vulnerability to delete system fil...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/11/03 12:0 a.m.3 views

File Inclusion Vulnerability in BEESCMS Enterprise Website Management System

BEESCMS enterprise website management system is a PHP + MYSQL, multi-language system, the content module is easy to expand, the template style. A file inclusion vulnerability exists in BEESCMS enterprise website management system. An attacker can exploit this vulnerability to gain server privileg...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/10/30 12:0 a.m.3 views

BEESCMS Enterprise Website Management System suffers from SQL Injection Vulnerability

BEESCMS enterprise website management system is a PHP + MYSQL, multi-language system, the content module is easy to expand, the template style. BEESCMS enterprise website management system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/10/25 12:0 a.m.1 views

BEESCMS suffers from an override access vulnerability

BEESCMS is a scalable content management system CMS based on PHP and MySQL. BEESCMS suffers from an override access vulnerability. An attacker can exploit the vulnerability to log in to the administrator backend without a password...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/10/24 12:0 a.m.1 views

BEESCMS Backend Login suffers from SQL Injection Vulnerability

BEESCMS is an enterprise website management system based on PHP+Mysql architecture. BEESCMS backend login has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/09/04 12:0 a.m.1 views

SQL injection vulnerability in BEESCMS or***_sa***.php file

BEESCMS adopts PHP+MYSQL, featuring multi-language system and easy expansion of content modules. SQL injection vulnerability exists in BEESCMS orsa.php file. An attacker can exploit the vulnerability to obtain sensitive information in the database...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/07/26 12:0 a.m.2 views

BEESCMS suffers from SQL injection vulnerability (CNVD-2020-48932)

BEESCMS adopts PHP+MYSQL, featuring multi-language system and easy expansion of content modules. BEESCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/07/26 12:0 a.m.1 views

BEESCMS suffers from SQL injection vulnerability (CNVD-2020-48930)

BEESCMS adopts PHP+MYSQL, featuring multi-language system and easy expansion of content modules. BEESCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/07/24 12:0 a.m.2 views

SQL Injection Vulnerability in BEESCMS

BEESCMS adopts PHP+MYSQL is a multi-language system, the content module is easy to expand, and the template style is diversified. BEESCMS SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database information...

7.8AI score
Exploits0
Rows per page
Query Builder