168 matches found
elitecms SQL注入漏洞
Elitecms is a web content management from elitecms India. elitecms version 1.01 has a SQL injection vulnerability, which originates from /admin/editpage.php?page= page lack of validation of external input SQL statements, an attacker can use the vulnerability to execute illegal SQL commands to ste...
elitecms SQL注入漏洞
Elitecms is a Web content management from elitecms India. elitecms version 1.01 has a SQL injection vulnerability that originates from the lack of validation of external input SQL statements on the /admin/addpost.php page, which can be exploited by attackers to execute illegal SQL commands to ste...
elitecms SQL注入漏洞
Elitecms is a web content management from elitecms India. elitecms version 1.01 is vulnerable to SQL injection, which originates from admin/editsidebar.php?page=2 & sidebar The page sidebar parameter lacks validation for external input SQL statements, and an attacker could exploit the vulnerabili...
elitecms SQL注入漏洞
Elitecms is a web content management by elitecms India. elitecms version 1.01 has a SQL injection vulnerability, which originates from the /admin/editsidebar.php page page parameter lack of validation of external input SQL statements, an attacker can use this vulnerability to execute illegal SQL...
elitecms 路径遍历漏洞
Elitecms is a web content management from elitecms India. elitecms version 1.01 has an arbitrary file deletion vulnerability that can be exploited by attackers to delete any file...
elitecms 代码问题漏洞
Elitecms is a web content management from elitecms India. elitecms 1.01 has an arbitrary code execution vulnerability that can be exploited by attackers to execute arbitrary code attacks via admin/manageuploads.php...
elitecms SQL注入漏洞
Elitecms is a Web content management from elitecms India. elitecms version 1.01 has a SQL injection vulnerability that originates from the /admin/addsidebar.php page's lack of validation of external input SQL statements, which can be exploited by attackers to execute illegal SQL commands to steal...
CVE-2022-30804
elitecms v1.01 is vulnerable to Delete any file via /admin/deleteimage.php?file=...
CVE-2022-30804
The vulnerability CVE-2022-30804 affects elitecms v1.01, with a concrete flaw allowing arbitrary file deletion via the API endpoint /admin/delete_image.php?file= (and variant naming in sources as /admin/delete image.php?file=). This is supported by the PT-2022-20323 advisory, which specifies the ...
CVE-2022-30808
elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manageuploads.php...
CVE-2022-30808
CVE-2022-30808 affects elitecms 1.0.1. The vulnerability is described as an arbitrary code execution via admin/manage_uploads.php. The NVD entry lists a CVSS v3.1 base score of 9.8 (CRITICAL) with network access, no privileges required, no user interaction, and high impact on confidentiality, int...
CVE-2022-30809
elitecms 1.01 is vulnerable to SQL Injection via /admin/editpage.php?page=...
CVE-2022-30809
CVE-2022-30809 affects elitecms 1.01, with a SQL injection vulnerability in /admin/edit_page.php?page=. The issue arises from lack of input validation on external input used to construct SQL statements, enabling an attacker to execute arbitrary SQL commands and potentially access or modify the da...
CVE-2022-30810
elitecms v1.01 is vulnerable to SQL Injection via admin/editpost.php...
CVE-2022-30810
CVE-2022-30810 affects elitecms v1.01. The vulnerability is an SQL Injection in admin/edit_post.php caused by lack of validation of external input in SQL statements, enabling an attacker to manipulate queries and access or modify database data. Reported CVSS details indicate a high to critical im...
CVE-2022-30813
elitecms 1.01 is vulnerable to SQL Injection via /admin/addpost.php...
CVE-2022-30813
CVE-2022-30813 affects elitecms 1.01 and is caused by a lack of input validation on the /admin/add_post.php page, enabling SQL Injection. Multiple connected sources corroborate the vulnerability and affected product/version. The NVD and other records assign a high/critical impact (CVSS v3.1: 9.8,...
CVE-2022-30814
CVE-2022-30814 affects elitecms v1.01 and is a SQL Injection vulnerability in /admin/add_sidebar.php caused by lack of input validation. Public sources describe attackers possibly stealing sensitive database data by exploiting SQL statements derived from user input. CVSS metrics in the initial en...
CVE-2022-30814
elitecms v1.01 is vulnerable to SQL Injection via /admin/addsidebar.php...
CVE-2022-30815
elitecms 1.01 is vulnerable to SQL Injection via admin/editsidebar.php?page=2&sidebar=...