315 matches found
CVE-2025-1335
A vulnerability, which was classified as problematic, was found in CmsEasy 7.7.7.9. Affected is the function deleteimgaction in the library lib/admin/fileadmin.php. The manipulation of the argument imgname leads to path traversal. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-1106
A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the function deletediraction/restoreaction in the library lib/admin/databaseadmin.php. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2025-1336
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimgaction in the library lib/admin/imageadmin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely. The explo...
CVE-2025-15148
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing a manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
CVE-2025-15148
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing a manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
CVE-2025-15148
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing a manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
CVE-2025-15148 CmsEasy Backend Template Management template_admin.php savetemp_action code injection
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing a manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
CVE-2025-15148 CmsEasy Backend Template Management template_admin.php savetemp_action code injection
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing a manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
EUVD-2025-205522
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
CVE-2025-15148
CmsEasy up to 7.7.7 is affected by a code-injection flaw in the savetemp_action function of /lib/admin/template_admin.php in the Backend Template Management Page. Manipulating the content/tempdata argument can enable remote code execution, and an exploit has been published. The vendor has not res...
CVE-2025-15148
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing a manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
PT-2025-53663
Name of the Vulnerable Software and Affected Versions CmsEasy versions through 7.7.7 Description A flaw exists in CmsEasy that allows for code injection. The issue is located in the savetemp action function within the /lib/admin/template admin.php library of the Backend Template Management Page...
CmsEasy 代码注入漏洞
CmsEasy is a content management system CMS for creating responsive websites from China's CmsEasy company. A code injection vulnerability exists in CmsEasy 7.7.7 and earlier versions, which stems from incorrect manipulation of the parameter content/tempdata in the file /lib/admin/templateadmin.php...
CVE-2025-11332
A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing a manipulation of the argument PHPSELF can lead to cross site scripting. The attack may be launched remotely. The exploit has been public...
EUVD-2020-10330
Malware in sbrugna...
EUVD-2018-3700
Malware in sbrugna...
EUVD-2019-17822
Malware in sbrugna...
EUVD-2018-3699
Malware in sbrugna...
EUVD-2019-17824
Malware in sbrugna...
CVE-2025-11332
A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing a manipulation of the argument PHPSELF can lead to cross site scripting. The attack may be launched remotely. The exploit has been public...