Lucene search
K

152 matches found

NVD
NVD
added 2019/03/06 4:29 p.m.24 views

CVE-2019-9594

BlueCMS 1.6 allows SQL Injection via the userid parameter in an uploads/admin/user.php?act=edit request...

9.8CVSS9.9AI score0.01452EPSS
Exploits1References1
Prion
Prion
added 2019/03/06 4:29 p.m.12 views

Sql injection

BlueCMS 1.6 allows SQL Injection via the userid parameter in an uploads/admin/user.php?act=edit request...

7.5CVSS9.8AI score0.01452EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/03/06 4:29 p.m.1 views

CVE-2019-9594

BlueCMS 1.6 allows SQL Injection via the userid parameter in an uploads/admin/user.php?act=edit request...

9.8CVSS7.4AI score0.01452EPSS
Exploits1References1
CVE
CVE
added 2019/03/06 4:0 p.m.50 views

CVE-2019-9594

CVE-2019-9594 affects BlueCMS 1.6 and describes an SQL injection vulnerability in the parameter user_id within the uploads/admin/user.php?act=edit request. The vulnerability allows bypassing authentication and manipulating the SQL queries executed by the application, leading to potential disclosu...

9.8CVSS9.8AI score0.01452EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/03/06 4:0 p.m.23 views

CVE-2019-9594

BlueCMS 1.6 allows SQL Injection via the userid parameter in an uploads/admin/user.php?act=edit request...

9.9AI score0.01452EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/20 12:0 a.m.0 views

File inclusion vulnerability in BlueCMS us***.php9 page

BlueCMS is a free professional local portal system developed by open source combination PHP + MYSQL, focusing on local portal CMS. A file inclusion vulnerability exists in the BlueCMS us.php9 page. A remote attacker can construct a payload with the parameter $POST'pay' in the script and utilize t...

6.9AI score
Exploits0
OSV
OSV
added 2018/09/04 12:29 a.m.2 views

CVE-2018-16432

BlueCMS 1.6 allows SQL Injection via the username parameter to uploads/user.php?act=indexlogin...

9.8CVSS5.8AI score0.01135EPSS
Exploits1References1
NVD
NVD
added 2018/09/04 12:29 a.m.9 views

CVE-2018-16432

BlueCMS 1.6 allows SQL Injection via the username parameter to uploads/user.php?act=indexlogin...

9.8CVSS9.9AI score0.01135EPSS
Exploits1References1
Prion
Prion
added 2018/09/04 12:29 a.m.16 views

Sql injection

BlueCMS 1.6 allows SQL Injection via the username parameter to uploads/user.php?act=indexlogin...

7.5CVSS9.8AI score0.01135EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/09/04 12:0 a.m.45 views

CVE-2018-16432

BlueCMS 1.6 is affected by CVE-2018-16432 via SQL injection in the user_name parameter to uploads/user.php?act=index_login. The underlying issue is improper input handling that enables an attacker to inject SQL through that parameter. The CVSS metrics indicate a high to critical impact (CVSSv2: 7...

9.8CVSS9.8AI score0.01135EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2018/09/04 12:0 a.m.8 views

PT-2018-13566 · Bluecms · Bluecms

Name of the Vulnerable Software and Affected Versions: BlueCMS version 1.6 Description: The issue allows SQL Injection via the user name parameter to the "uploads/user.php?act=index login" endpoint. Recommendations: For BlueCMS version 1.6, avoid using the user name parameter in the affected...

9.8CVSS9.6AI score0.01135EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/09/04 12:0 a.m.14 views

CVE-2018-16432

BlueCMS 1.6 allows SQL Injection via the username parameter to uploads/user.php?act=indexlogin...

9.9AI score0.01135EPSS
Exploits1References1
seebug.org
seebug.org
added 2017/12/18 12:0 a.m.28 views

bluecms guest_book注入

...

1.2AI score
Exploits0
seebug.org
seebug.org
added 2017/12/18 12:0 a.m.47 views

bluecms 任意文件删除漏洞导致重装getshell & XSS漏洞

...

1.5AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.30 views

BlueCMS v1.6 sp1 /admin/login.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/16 12:0 a.m.13 views

BlueCMS v1.6 sp1 ad_js.php ad_id 参数SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/07 12:0 a.m.134 views

BlueCMS v1.6 sp1 /admin/tpl_manage.php 本地文件包含漏洞

No description provided by source...

7.1AI score
Exploits0
myhack58
myhack58
added 2013/06/30 12:0 a.m.16 views

bluecms the latest version of the double-byte universal password into the background-bug warning-the black bar safety net

Brief description: bluecms the latest version i.e., v1. 6sp1,processing of login authentication when the variables are single quotes escaped, but can be used gbk double-byte coding the closing single quote and then comment to enter the background Detailed description: bluecms verify the login cod...

2.6AI score
Exploits0
seebug.org
seebug.org
added 2012/05/06 12:0 a.m.34 views

BlueCMS 1.6 include-common.func.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2011/10/08 10:55 a.m.18 views

CVE-2010-4897

SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action...

7.5CVSS8.3AI score0.01098EPSS
Exploits0References3
Rows per page
Query Builder