8 matches found
doorGets SQL Injection Vulnerability (CNVD-2019-13801)
DoorGets is a free and open source content management system. A SQL injection vulnerability exists in /doorgets/app/requests/user/configurationRequest.php in doorGets 7.0 at action=analytics. A user with remote backend administrator privileges or a user with administrative configuration analytics...
DoorGets Arbitrary File Upload Vulnerability
DoorGets is a free and open source content management system. An arbitrary file upload vulnerability exists in /fileman/php/upload.php in doorGets 7.0. A remote, ordinary registered user can exploit this vulnerability to upload a backdoor file to take control of the server...
DoorGets Sensitive Information Disclosure Vulnerability
DoorGets is a free and open source content management system. A sensitive information disclosure vulnerability exists in /setup/temp/admin.php and /setup/temp/database.php in doorGets 7.0. A remote, unauthenticated attacker can exploit this vulnerability to obtain the administrator password...
DoorGets Sensitive Information Disclosure Vulnerability (CNVD-2019-13790)
DoorGets is a free and open source content management system. A sensitive information disclosure vulnerability exists in /fileman/php/renamefile.php in doorGets 7.0. A remote, unauthenticated attacker can exploit this vulnerability to obtain sensitive information about the server or make the serv...
DoorGets Sensitive Information Disclosure Vulnerability (CNVD-2019-13789)
DoorGets is a free and open source content management system. A sensitive information disclosure vulnerability exists in /fileman/php/copydir.php in doorGets 7.0. A remote, unauthenticated attacker can exploit this vulnerability to obtain sensitive information about the server...
DoorGets Sensitive Information Disclosure Vulnerability (CNVD-2019-13788)
DoorGets is a free and open source content management system. A sensitive information disclosure vulnerability exists in /fileman/php/copyfile.php in doorGets 7.0. A remote, unauthenticated attacker can exploit this vulnerability to obtain sensitive information about the server...
DoorGets Directory Traversal Vulnerability
doorGets is a content management system CMS. The system supports multiple languages, and system backups and theme changes, etc. A security vulnerability exists in doorGets version 7.0. A remote attacker can exploit the vulnerability to write arbitrary files...
CVE-2018-11126
dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account...