109 matches found
CVE-2020-24271
A CSRF vulnerability was discovered in EasyCMS v1.6 that can add an admin account through index.php?s=/admin/rbacuser/insert/navTabId/rbacuser/callbackType/closeCurrent, then post username==...
CVE-2022-23358
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement...
CVE-2022-23358
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement...
CVE-2022-23358
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement...
Sql injection
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement...
CVE-2022-23358
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement...
CVE-2022-23358
CVE-2022-23358 affects EasyCMS v1.6. The vulnerability arises in ArticlemAction.class.php where user-supplied search terms are unsanitized and directly used to construct SQL, enabling a SQL injection. Multiple sources (NVD, Red Hat, OSV, CVE lists) describe this as a SQL-injection flaw with impac...
EasyCMS SQL注入漏洞
EasyCMS is a Php-based website builder from the EasyCMS community. A SQL injection vulnerability exists in EasyCMS, which stems from the product ArticlemAction.class.php file not effectively handling special characters in user-supplied search term data. An attacker can execute malicious SQL...
EasyCMS Cross-Site Request Forgery Vulnerability (CNVD-2021-09498)
EasyCMS is lightweight scalable open source content management program, following the Apache2 open source agreement. A cross-site request forgery vulnerability exists in EasyCMS 1.6. An attacker can add an administrator account via...
CVE-2020-24271
A CSRF vulnerability was discovered in EasyCMS v1.6 that can add an admin account through index.php?s=/admin/rbacuser/insert/navTabId/rbacuser/callbackType/closeCurrent, then post username=&password=...
CVE-2020-24271
A CSRF vulnerability was discovered in EasyCMS v1.6 that can add an admin account through index.php?s=/admin/rbacuser/insert/navTabId/rbacuser/callbackType/closeCurrent, then post username=&password=...
Cross site request forgery (csrf)
A CSRF vulnerability was discovered in EasyCMS v1.6 that can add an admin account through index.php?s=/admin/rbacuser/insert/navTabId/rbacuser/callbackType/closeCurrent, then post username=&password=...
CVE-2020-24271
CVE-2020-24271 concerns a CSRF vulnerability in EasyCMS v1.6 that allows an attacker to add an administrator account by requesting index.php?s=/admin/rbacuser/insert/navTabId/rbacuser/callbackType/closeCurrent and submitting username and password. The issue arises from a cross-site request issue ...
CVE-2020-24271
A CSRF vulnerability was discovered in EasyCMS v1.6 that can add an admin account through index.php?s=/admin/rbacuser/insert/navTabId/rbacuser/callbackType/closeCurrent, then post username=&password=...
EasyCMS 跨站请求伪造漏洞
EasyCMS is lightweight scalable open source content management program, following the Apache2 open source agreement. A cross-site request forgery vulnerability exists in EasyCMS 1.6. An attacker can add an administrator account via...
EasyCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-02517)
EasyCMS is a scalable lightweight open source content management system CMS written in PHP. EasyCMS 1.5 version of the cross-site request forgery vulnerability , remote attackers can use index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI to exploit the...
CVE-2019-6294
An issue was discovered in EasyCMS 1.5. There is CSRF via the index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI...
Cross site request forgery (csrf)
An issue was discovered in EasyCMS 1.5. There is CSRF via the index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI...
CVE-2019-6294
An issue was discovered in EasyCMS 1.5. There is CSRF via the index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI...
CVE-2019-6294
An issue was discovered in EasyCMS 1.5. There is CSRF via the index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI...