Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...

GHSA-PR99-C33P-FWF6 Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...

Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...

PT-2024-40413 · Packagist · Drupal Core

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned, use: affected versions not specified Description: A visit to the install.php endpoint can cause cached data to become corrupted, potentially impairing a site until caches are rebuilt. Recommendation...

PT-2024-40492 · Packagist · Drupal/Drupal

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: A visit to the install.php endpoint can cause cached data to become corrupted, potentially impairing a site until caches are rebuilt. Recommendations: At the moment, there is no...

CVE-2024-31022

An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component...

CVE-2024-31022

An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component...

CVE-2024-31022

An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component...

PT-2024-23728 · Candycms · Candycms

Name of the Vulnerable Software and Affected Versions: CandyCMS version 1.0.0 Description: An issue was discovered in CandyCMS, allowing remote attackers to execute arbitrary code via the install.php component. Recommendations: For CandyCMS version 1.0.0, consider disabling access to the...

CVE-2024-2245

Cross-Site Scripting vulnerability in moziloCMS version 2.0. By sending a POST request to the '/install.php' endpoint, a JavaScript payload could be executed in the 'username' parameter...

Cross site scripting

Cross-Site Scripting vulnerability in moziloCMS version 2.0. By sending a POST request to the '/install.php' endpoint, a JavaScript payload could be executed in the 'username' parameter...

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Cross site scripting

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2024-0411

A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...

CVE-2024-0414

CVE-2024-0414 affects DeShang DSCMS up to version 3.1.2/7.1, with an issue in an unknown function of public/install.php that leads to improper access controls. The vulnerability can be exploited remotely and the exploit has been disclosed publicly (VDB-250434). Multiple connected sources corrobor...

CVE-2024-0414 DeShang DSCMS install.php access control

A vulnerability classified as problematic has been found in DeShang DSCMS up to 3.1.2/7.1. Affected is an unknown function of the file public/install.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public...

CVE-2024-0414 DeShang DSCMS install.php access control

A vulnerability classified as problematic has been found in DeShang DSCMS up to 3.1.2/7.1. Affected is an unknown function of the file public/install.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public...

CVE-2024-0413 DeShang DSKMS install.php access control

A vulnerability was found in DeShang DSKMS up to 3.1.2. It has been rated as problematic. This issue affects some unknown processing of the file public/install.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the publ...