EUVD-2026-10284

A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and...

DoraCMS 代码问题漏洞

DoraCMS is an open-source application developed by DoraCMS. It is a content management system built using Node.js, eggjs, and MongoDB. Versions of DoraCMS 3.1 and earlier have code vulnerabilities. These vulnerabilities stem from the UEditor’s remote image retrieval feature, which involves...

EUVD-2020-10147

Malware in sbrugna...

EUVD-2022-38041

Malicious code in bioql PyPI...

CVE-2023-51840

DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key...

CVE-2022-25464

A stored cross-site scripting XSS vulnerability in the component /admin/contenttemp of DoraCMS v2.1.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

PT-2024-22535 · Doracms · Doracms

Name of the Vulnerable Software and Affected Versions: DOraCMS versions 2.18 and earlier Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the markdown0 function in the "/app/public/apidoc/oas3/wrap-components/markdown.jsx" endpoint. Recommendations:...

CVE-2023-51840

DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key...

DoraCMS Cross-Site Scripting Vulnerability (CNVD-2023-9750397)

DoraCMS is a software application. Based on Nodejs+eggjs+mongodb to write a content management system . A cross-site scripting XSS vulnerability exists in DoraCMS version v2.1.8. An attacker can exploit this vulnerability to execute arbitrary code by uploading a specially crafted HTML or image fi...