9 matches found
CVE-2023-53892
Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...
CVE-2023-53892 Blackcat CMS 1.4 Remote Code Execution via Jquery Plugin Manager
Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...
CVE-2023-53892 Blackcat CMS 1.4 Remote Code Execution via Jquery Plugin Manager
Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...
CVE-2023-53891 Blackcat CMS 1.4 Stored Cross-Site Scripting via Page Modification
Blackcat CMS 1.4 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into page content. Attackers can insert JavaScript payloads in the page modification interface that execute when other users view the compromised page...
Blackcat Cms Cross-Site Scripting Vulnerability
Blackcat Cms is a Php-based content management system from the Blackcat team. A cross-site scripting vulnerability exists in Blackcat Cms version 1.4.1, which stems from a cross-site scripting XSS vulnerability in /settings/index.php that allows an attacker to inject a crafted payload via the sit...
Blackcat Cms 跨站脚本漏洞
BlackCat CMS is a PHP5, HTML5 content management system. A stored cross-site scripting vulnerability exists in BlackCat CMS 1.3.6. The vulnerability can be exploited to conduct a cross-site scripting attack via the Display Name field in backend/preferences/ajaxsave.php...
BlackCat CMS Cross-Site Scripting Vulnerability (CNVD-2017-24888)
BlackCat CMS is a PHP5, HTML5 content management system. A cross-site scripting vulnerability exists in the backend/settings/ajaxsavesettings.php file in BlackCat CMS, which can be exploited by remote attackers via the site title or site footer fields...
BlackCat CMS Arbitrary PHP Code Execution Vulnerability
BlackCat CMS is a PHP5, HTML5 content management system. An arbitrary PHP code execution vulnerability exists in the backend/addons/install.php file in BlackCat CMS, which can be exploited by remote attackers to execute arbitrary PHP code via a ZIP archive containing the .php file...
BlackCat CMS Directory Traversal Vulnerability
BlackCat CMS is a content management system based on PHP5 and HTML5. BlackCat CMS suffers from a directory traversal vulnerability that allows remote attackers to view the contents of system files with WEB privileges by submitting a character containing a directory traversal...