10 matches found
CScms SQL Injection Vulnerability (CNVD-2022-33155)
CScms is a content management system CMS developed based on the CI framework. CScms is vulnerable to SQL injection, which can be exploited by attackers to conduct injection attacks via the component danceDance.phpdel...
CScms SQL Injection Vulnerability (CNVD-2022-33154)
CScms is a content management system CMS developed based on the CI framework.Cscms Music Portal System v4.2 is vulnerable to SQL injection, which can be exploited by attackers to conduct injection attacks via the component danceDance.phphy...
CScms SQL Injection Vulnerability (CNVD-2022-33152)
CScms is a content management system CMS developed based on the CI framework. cscms Music Portal System v4.2 is vulnerable to SQL injection, which can be exploited by attackers via the component danceLists.phpzhuan...
CScms SQL Injection Vulnerability (CNVD-2022-33153)
CScms is a content management system CMS developed based on the CI framework. cscms Music Portal System v4.2 is vulnerable to SQL injection, which can be exploited by attackers to conduct injection attacks via the component danceTopic.phpdel...
CSCMS has unspecified vulnerabilities
CScms is a content management system CMS developed based on the CI framework. cscms v4.0 is vulnerable due to a lack of effective protection against brute force attacks in the software user login box, which can be exploited by attackers to hijack user accounts via brute force attacks...
Mccms has a file upload vulnerability
Mccms is a comic + novel system developed using the Ci framework as its core. Mccms has a file upload vulnerability that can be exploited by attackers to gain control of the server...
Arbitrary File Download Vulnerability in Mccms
Mccms is a comic + novel system developed using the Ci framework as its core. Mccms has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive information...
Command Execution Vulnerability in Man City CMS
Man City CMS program is a set of CI framework for the development of the core, in the PHP + MYSQL environment running under the perfect and powerful rapid station-building system. A command execution vulnerability exists in ManCity CMS, which can be exploited by attackers to cause command executi...
CScms Arbitrary Directory Deletion Vulnerability
CScms is a content management system CMS developed on a CI framework. An arbitrary directory deletion vulnerability exists in CScms version 4.1. An attacker can delete arbitrary directories by sending a dir=... to the plugins\sys\admin\Plugins.php page. \\ sub-string to the...
Shopex开放平台SQL注入和Getshell
简要描述: SQL注入. 详细说明: BBScan 扫到一个git信息泄露: http://open.shopex.cn/.git/ 使用rip-git.pl把源码下载下来. 源码审计发现一个sql注入: open.shopex.cn\core\application\controllers\docs.php: / API接口搜索列表页 @access public @return void / public function apisearch$categoryid $this-data'navigations' = array'name'='开发文档','url'='';...