89 matches found
CVE-2020-22334
Cross Site Request Forgery CSRF vulnerability in beescms v4 allows attackers to delete the administrator account via crafted request to /admin/adminadmin.php...
BEESCMS 跨站请求伪造漏洞
BEESCMS is a PHP and MySQL based, scalable content management system CMS. A security vulnerability exists in version v4 of BEESCMS that stems from the presence of a cross-site request forgery CSRF vulnerability that allows an attacker to delete an administrator account via a crafted request...
PT-2023-11615 · Beescms · Beescms
Name of the Vulnerable Software and Affected Versions: beescms version 4 Description: A Cross Site Request Forgery CSRF issue allows attackers to delete the administrator account via a crafted request to "/admin/admin admin.php". This can be exploited by sending a malicious request to the specifi...
CVE-2020-22334
CVE-2020-22334 describes a CSRF vulnerability in beescms v4 that enables an attacker to delete the administrator account via a crafted request to /admin/admin_admin.php. The cited CVSS 3.1 entry (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) scores 6.5 (Medium). Exploitation details are not provided in th...
BEESCMS arbitrary file upload vulnerability
BEESCMS is a template program completely separated, using PHP MYSQL technology development, with powerful SEO features, simple operation of the self-service building system. BEESCMS version 4.0 /admin/upload.php in the arbitrary file upload vulnerability. The vulnerability can be exploited by...
CVE-2020-23572
BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...
CVE-2020-23572
BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...
Privilege escalation
BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...
CVE-2020-23572
BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...
CVE-2020-23572
CVE-2020-23572 concerns BEESCMS v4.0, where an arbitrary file upload vulnerability in the /admin/upload.php component enables attackers to execute arbitrary code via a crafted image file. Multiple sources (NVD, Red Hat, CNVD, CVE listings) confirm the issue and its impact; CVSSv3.1 base score is ...
BEESCMS 代码问题漏洞
BEESCMS is a template program completely separated, using PHP MYSQL technology development, with powerful SEO features, simple operation of the self-service building system. BEESCMS version 4.0 /admin/upload.php in the arbitrary file upload vulnerability. The vulnerability can be exploited by...
BEESCMS enterprise website management system suffers from arbitrary file deletion vulnerability (CNVD-2020-64782)
BEESCMS enterprise website management system is a PHP + MYSQL, multi-language system, the content module is easy to expand, the template style. BEESCMS enterprise website management system has an arbitrary file deletion vulnerability. An attacker can exploit the vulnerability to delete system fil...
File Inclusion Vulnerability in BEESCMS Enterprise Website Management System
BEESCMS enterprise website management system is a PHP + MYSQL, multi-language system, the content module is easy to expand, the template style. A file inclusion vulnerability exists in BEESCMS enterprise website management system. An attacker can exploit this vulnerability to gain server privileg...
BEESCMS Enterprise Website Management System suffers from SQL Injection Vulnerability
BEESCMS enterprise website management system is a PHP + MYSQL, multi-language system, the content module is easy to expand, the template style. BEESCMS enterprise website management system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database...
BEESCMS suffers from an override access vulnerability
BEESCMS is a scalable content management system CMS based on PHP and MySQL. BEESCMS suffers from an override access vulnerability. An attacker can exploit the vulnerability to log in to the administrator backend without a password...
BEESCMS Backend Login suffers from SQL Injection Vulnerability
BEESCMS is an enterprise website management system based on PHP+Mysql architecture. BEESCMS backend login has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL injection vulnerability in BEESCMS or***_sa***.php file
BEESCMS adopts PHP+MYSQL, featuring multi-language system and easy expansion of content modules. SQL injection vulnerability exists in BEESCMS orsa.php file. An attacker can exploit the vulnerability to obtain sensitive information in the database...
BEESCMS suffers from SQL injection vulnerability (CNVD-2020-48932)
BEESCMS adopts PHP+MYSQL, featuring multi-language system and easy expansion of content modules. BEESCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
BEESCMS suffers from SQL injection vulnerability (CNVD-2020-48930)
BEESCMS adopts PHP+MYSQL, featuring multi-language system and easy expansion of content modules. BEESCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in BEESCMS
BEESCMS adopts PHP+MYSQL is a multi-language system, the content module is easy to expand, and the template style is diversified. BEESCMS SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database information...