168 matches found
CVE-2022-24222
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edituser.php...
CVE-2022-24219
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpage.php...
CVE-2022-24220
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpost.php...
Sql injection
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpage.php...
Sql injection
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpost.php...
Code injection
eliteCMS v1.0 is vulnerable to Insecure Permissions via manageuploads.php...
Sql injection
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php...
Sql injection
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edituser.php...
Code injection
An issue in /admin/deleteimage.php of eliteCMS v1.0 allows attackers to delete arbitrary files...
CVE-2022-24220
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpost.php...
CVE-2022-24220
EliteCMS v1.0 contains a SQL injection vulnerability in /admin/edit_post.php due to lack of validation of externally entered SQL statements. This affects the web CMS component and can allow an attacker to manipulate queries, potentially impacting data confidentiality, integrity, and availability ...
CVE-2022-24222
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edituser.php...
CVE-2022-24222
The CVE-2022-24222 entry concerns eliteCMS v1.0 with a SQL injection vulnerability in the admin path (/admin/edit_user.php). The issue allows remote attackers to submit a crafted SQL request to manipulate the database, obtain sensitive information, or execute arbitrary code, as described across m...
CVE-2022-24221
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php...
CVE-2022-24221
CVE-2022-24221 affects eliteCMS v1.0, with a vulnerability in the file path /admin/functions/functions.php that enables a SQL injection. The connected documents consistently describe remote-exploitation potential through crafted SQL requests to manipulate the database, access sensitive data, or p...
CVE-2022-24219
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/editpage.php...
CVE-2022-24219
CVE-2022-24219 affects eliteCMS v1.0, with a SQL injection in the /admin/edit_page.php path. The root cause is unsanitized or improperly validated SQL statements in the edit_page.php component, enabling an attacker to manipulate queries and potentially access or modify data. Public documents cons...
CVE-2022-24218
An issue in /admin/deleteimage.php of eliteCMS v1.0 allows attackers to delete arbitrary files...
CVE-2022-24218
CVE-2022-24218 affects eliteCMS v1.0. The issue resides in /admin/delete_image.php and allows attackers to delete arbitrary files. From the provided metrics, CVSSv2 base score is 6.4 (Network, Low attack complexity, None auth, I/P) with Partial integrity/Partial availability impact, and CVSSv3.1 ...
CVE-2021-46093
eliteCMS v1.0 is vulnerable to Insecure Permissions via manageuploads.php...