Lucene search
+L

354 matches found

cve
cve
added 2018/05/29 7:0 a.m.48 views

CVE-2018-11527

CVE-2018-11527 affects CScms v4.1, where a Cross-site request forgery (CSRF) in plugins/sys/admin/Sys.php allows remote attackers to change the administrator’s username and password via /admin.php/sys/editpass_save. Exploitation details are not provided beyond the path, but the vulnerability enab...

8.8CVSS8.8AI score0.00614EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2018/05/29 7:0 a.m.17 views

CVE-2018-11527

An issue was discovered in CScms v4.1. A Cross-site request forgery CSRF vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via /admin.php/sys/editpasssave...

8.9AI score0.00614EPSS
Exploits1References1
cnvd
cnvd
added 2018/05/25 12:0 a.m.6 views

Cscms v3.53.5 SQL Injection Vulnerability in Frontend

Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. Cscms v3.53.5 has a SQL injection vulnerability in the frontend. An attacker can exploit the vulnerability to obtain sensitive information from the database...

7.6AI score
Exploits0
cnvd
cnvd
added 2018/05/24 12:0 a.m.2 views

Command Execution Vulnerability in Cscms v3.5 Backend

Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. A command execution vulnerability exists in the backend of Cscms v3.5, which allows attackers to remotely execute commands and gain server privileges...

7.6AI score
Exploits0
cnvd
cnvd
added 2018/04/10 12:0 a.m.3 views

Cscms v4.1.8 Command Execution Vulnerability in Backend

Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. Cscms v4.1.8 has a command execution vulnerability in the backend. An attacker can execute php commands by uploading malicious compressed files...

7.6AI score
Exploits0
cnvd
cnvd
added 2018/04/08 12:0 a.m.4 views

Arbitrary File Deletion Vulnerability in Cscms Version v4.1.8

Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. Cscms v4.1.8 has an arbitrary file deletion vulnerability. An attacker can use this vulnerability to delete arbitrary files from the background and violently execute a reinstallation getshell...

7.2AI score
Exploits0
cnvd
cnvd
added 2018/02/22 12:0 a.m.4 views

File Write Vulnerability in Cscms v4.1.8

Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. A file write vulnerability exists in Cscms v4.1.8, which is due to the system failing to effectively filter input parameters and file paths. An attacker can use this vulnerability to inject Trojan...

7.1AI score
Exploits0
seebug
seebug
added 2016/02/22 12:0 a.m.20 views

CSCMS /user/do.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2016/01/22 12:0 a.m.36 views

CSCMS在app/controllers/api/count.php中存在sql注入

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2015/05/20 12:0 a.m.40 views

CSCMS 3.5.6 /app/controllers/user/reg.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/05/15 12:0 a.m.35 views

Cscms 3.5 /app/controllers/dance.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/02/14 12:0 a.m.18 views

CSCMS V3.5 最新补丁后 又一个SQL注射(源码详析)

简要描述: CSCMS V3.5 最新补丁后 又一个SQL注射(源码详析) 之前的注射已经修补了,但是还有几处注射点没有注意到 详细说明: 在addslash + 引号保护 的情况下 要格外注意数字型变量的处理 /app/controllers/home.php line:1020 public function gbookdel header"Expires: Mon, 26 Jul 1997 05:00:00 GMT"; header"Cache-Control: no-cache, must-revalidate"; header"Pragma: no-cache";...

7AI score
Exploits0
seebug
seebug
added 2013/12/30 12:0 a.m.32 views

CSCMS V3.5 最新版 SQL注射(官方站演示+源码详析)

简要描述: CSCMS V3.5 最新版 存在着注射漏洞,已经在官方演示站证实 http://demo.chshcms.com/ 代码分析在 详细说明 中,实站演示在 漏洞证明中 详细说明: /app/controllers/user/music.php line 16 public function index //用户会员中心-音乐-我分享的-中文舞曲 $data=''; //下面几句使用了xssclean,并不会过滤SQL注射字符,尤其是单引号 $yid = $this-security-xssclean$this-input-get'yid', TRUE;...

7.1AI score
Exploits0
seebug
seebug
added 2013/12/26 12:0 a.m.117 views

CSCMS V3.5 最新版 后台命令执行GETSHELL(源码详析)

简要描述: CSCMS V3.5 最新版 后台PHP命令执行GETSHELL(源码详析) CSCMS的全新架构加强了安全性,以往的一串漏洞均已修复, 读代码,发现还有新的漏洞 代码分析见详细说明,测试演示在漏洞证明里 详细说明: 漏洞位置为后台的 网站设置-第三方登录设置 中 有关代码如下: /app/controllers/admin/setting.php line:426 public function dengluedit //设置第三方登录的几项配置 $this-CsdjAdmin-AdminQx'4'; //注意,本处已使用xssclean过滤特定字符,之后的结论会用到...

7.1AI score
Exploits0
Rows per page
Query Builder