7210 matches found
CVE-2020-20124
Wuzhi CMS v4.1.0 contains a remote code execution RCE vulnerability in \attachment\admin\index.php...
CVE-2020-20124
Wuzhi CMS v4.1.0 contains a remote code execution RCE vulnerability in \attachment\admin\index.php...
WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2023-17601)
WUZHI CMS is a PHP and MySQL based Content Management System CMS from Beijing WuZHI Technology Co. The vulnerability can be exploited by remote attackers to perform cross-site scripting attacks via the "email username" parameter in "index.php"...
CVE-2020-19915
Cross Site Scripting XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php...
CVE-2020-19915
Cross Site Scripting XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php...
Cross site scripting
Cross Site Scripting XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php...
CVE-2020-19915
The CVE-2020-19915 is a Cross-Site Scripting (XSS) vulnerability in WUZHI CMS 4.1.0, exploitable via the mailbox/email username parameter in index.php. Multiple connected sources corroborate the affected product/version and the input vector, describing remote XSS through that parameter. The docum...
Wuzhi WUZHI CMS 跨站脚本漏洞
WUZHI CMS is a PHP and MySQL based Content Management System CMS from Beijing WuZHI Technology Co. The vulnerability can be exploited by remote attackers to perform cross-site scripting attacks via the "email username" parameter in "index.php"...
WUZHI CMS SQL Injection Vulnerability (CNVD-2021-99300)
WUZHI CMS Five Fingers CMS is a high-performance open source content management system that supports LNAMP architecture, suitable for portals, enterprise websites, mobile sites, microsoft promotion. Attackers can use the keywords parameter in coreframe/app/promote/admin/index.php vulnerability fo...
The vulnerability of the index.php/admin/add_user component of the Chikitsa Patient Management System allows a perpetrator to compromise the confidentiality and integrity of the protected information.
The vulnerability of the index.php/admin/adduser component of the Chikitsa Patient Management System exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality and integrity of th...
CVE-2021-40669
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords parameter under the coreframe/app/promote/admin/index.php file...
CVE-2021-40669
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords parameter under the coreframe/app/promote/admin/index.php file...
CVE-2020-19159
Cross Site Request Forgery CSRF in LaikeTui v3 allows remote attackers to execute arbitrary code via the component '/index.php?module=member&action=add'...
CVE-2020-19157
Wenku CMS v3.4 contains a Cross Site Scripting (CSS) vulnerability in the ucenter index component. The flaw allows remote attackers to inject and execute arbitrary code via the Intro parameter in /index.php?m=ucenter&a=index. The NVD entry (CVE-2020-19157) lists CVSS2 base score 4.3 (MEDIUM) with...
CVE-2020-19157
Cross Site Scripting CSS in Wenku CMS v3.4 allows remote attackers to execute arbitrary code via the 'Intro' parameter for the component '/index.php?m=ucenter&a=index'...
CVE-2021-40373
playSMS before 1.4.5 allows Arbitrary Code Execution by entering PHP code at the tabs-information-page of coremainconfig, and then executing that code via the index.php?app=main&inc=corewelcome URI...
CVE-2021-40373
playSMS before 1.4.5 allows Arbitrary Code Execution by entering PHP code at the tabs-information-page of coremainconfig, and then executing that code via the index.php?app=main&inc=corewelcome URI...
CVE-2021-40373
playSMS before 1.4.5 allows Arbitrary Code Execution by entering PHP code at the tabs-information-page of coremainconfig, and then executing that code via the index.php?app=main&inc=corewelcome URI...
CVE-2021-38353 Dropdown and scrollable Text <= 2.0 Reflected Cross-Site Scripting
The Dropdown and scrollable Text WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the content parameter found in the /index.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...