168 matches found
CVE-2022-30815
elitecms 1.01 is vulnerable to SQL Injection via admin/editsidebar.php?page=2&sidebar=...
CVE-2022-30816
CVE-2022-30816 affects elitecms 1.01 and is a SQL Injection vulnerability exploitable via the /admin/edit_sidebar.php page. The root cause is lack of validation of the external input SQL statements in the page parameter, enabling an attacker to execute arbitrary SQL commands to steal sensitive da...
CVE-2022-30816
elitecms 1.01 is vulnerable to SQL Injection via /admin/editsidebar.php...
PT-2022-20323 · Elitecms · Elitecms
Name of the Vulnerable Software and Affected Versions: elitecms version 1.01 Description: The issue allows deletion of any file via the "/admin/delete image.php?file=" API endpoint. The estimated number of potentially affected devices worldwide is not specified. There is no information about...
eliteCMS /admin/edit_user.php SQL Injection Vulnerability
eliteCMS is a popular content management system. A SQL injection vulnerability exists in eliteCMS /admin/edituser.php, which can be exploited by remote attackers to submit a special SQL request to manipulate the database, obtain sensitive information or execute arbitrary code...
eliteCMS /admin/functions/functions.php SQL Injection Vulnerability
eliteCMS is a popular content management system. A SQL injection vulnerability exists in eliteCMS /admin/functions/functions.php, which can be exploited by remote attackers to submit a special SQL request to manipulate the database, obtain sensitive information or execute arbitrary code...
CVE-2022-24218
An issue in /admin/deleteimage.php of eliteCMS v1.0 allows attackers to delete arbitrary files...
CVE-2022-24220
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpost.php...
CVE-2022-24219
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpage.php...
CVE-2022-24218
An issue in /admin/deleteimage.php of eliteCMS v1.0 allows attackers to delete arbitrary files...
CVE-2022-24222
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edituser.php...
CVE-2021-46093
eliteCMS v1.0 is vulnerable to Insecure Permissions via manageuploads.php...
CVE-2022-24220
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpost.php...
CVE-2021-46093
eliteCMS v1.0 is vulnerable to Insecure Permissions via manageuploads.php...
CVE-2022-24220
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpost.php...
CVE-2022-24221
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php...
CVE-2022-24218
An issue in /admin/deleteimage.php of eliteCMS v1.0 allows attackers to delete arbitrary files...
CVE-2022-24221
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php...
CVE-2022-24222
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edituser.php...
CVE-2022-24221
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php...