Lucene search
K

59 matches found

Cvelist
Cvelist
added 2021/12/27 10:22 p.m.26 views

CVE-2020-21237

An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute force attacks...

9.4AI score0.01093EPSS
Exploits1References1
CVE
CVE
added 2021/12/27 10:22 p.m.63 views

CVE-2020-21237

CVE-2020-21237 affects LJCMS v1.11 and is due to a login-box vulnerability that allows brute-force attempts to hijack user accounts. The available documents explicitly describe a lack of effective protection against brute-force login, enabling account hijacking. No concrete patch details, affecte...

9.8CVSS9.2AI score0.01093EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2021/08/19 12:0 a.m.28 views

Ljcmsshop SQL Injection Vulnerability

Find a Place LJCMS v1.3 is vulnerable to SQL injection, which can be exploited by attackers to access sensitive database information via a crafted POST request...

7.5CVSS4.7AI score0.01254EPSS
Exploits1References1
NVD
NVD
added 2021/08/18 6:15 p.m.15 views

CVE-2020-22122

A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...

7.5CVSS0.01254EPSS
Exploits1References1
OSV
OSV
added 2021/08/18 6:15 p.m.2 views

CVE-2020-22122

A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...

7.5CVSS5.9AI score0.01254EPSS
Exploits1References1
Prion
Prion
added 2021/08/18 6:15 p.m.16 views

Sql injection

A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...

5CVSS7.6AI score0.01254EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/08/18 5:54 p.m.42 views

CVE-2020-22122

Find a Place LJCMS v1.3 contains a SQL injection in /oa.php?c=Staff&a=read that can allow a crafted POST request to access sensitive database information. The affected component appears to be the LJCMS web application’s staff read endpoint; root cause is SQL injection. Several sources (NVD, Red H...

7.5CVSS7.5AI score0.01254EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/08/18 12:0 a.m.4 views

Ljcms SQL注入漏洞

Find a Place LJCMS v1.3 is vulnerable to SQL injection, which can be exploited by attackers to access sensitive database information via a crafted POST request...

7.5CVSS5.8AI score0.01254EPSS
Exploits1References1
NVD
NVD
added 2021/08/12 3:15 p.m.19 views

CVE-2020-20979

An arbitrary file upload vulnerability in the moveuploadedfile function of LJCMS v4.3 allows attackers to execute arbitrary code...

9.8CVSS0.01603EPSS
Exploits1References1
Prion
Prion
added 2021/08/12 3:15 p.m.19 views

Privilege escalation

An arbitrary file upload vulnerability in the moveuploadedfile function of LJCMS v4.3 allows attackers to execute arbitrary code...

7.5CVSS9.6AI score0.01603EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/12 2:49 p.m.24 views

CVE-2020-20979

An arbitrary file upload vulnerability in the moveuploadedfile function of LJCMS v4.3 allows attackers to execute arbitrary code...

9.8AI score0.01603EPSS
Exploits1References1
CVE
CVE
added 2021/08/12 2:49 p.m.55 views

CVE-2020-20979

CVE-2020-20979 concerns an arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3, allowing attackers to execute arbitrary code. Affected software: LJCMS v4.3. Root cause: improper handling in the file upload process via move_uploaded_file. Impact: arbitrary code e...

9.8CVSS9.6AI score0.01603EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/08/12 12:0 a.m.5 views

LJCMS 代码问题漏洞

Ljcmsshop is a Php-based online shopping mall building system developed by China's Ljcms. LJCMS has a security vulnerability , the vulnerability stems from the move upload file function of the arbitrary file upload vulnerability allows an attacker to exploit the vulnerability to execute arbitrary...

9.8CVSS8.8AI score0.01603EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/09 12:0 a.m.31 views

LJCMS SQL Injection Vulnerability

LJCMS is a free and open source content management system. SQL injection vulnerability exists in LJCMS, which can be exploited by attackers to obtain sensitive database information...

7.5CVSS3.5AI score0.01254EPSS
Exploits1References1
OSV
OSV
added 2021/07/08 4:15 p.m.4 views

CVE-2020-20583

A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information...

7.5CVSS7.2AI score0.01254EPSS
Exploits1References1
Prion
Prion
added 2021/07/08 4:15 p.m.19 views

Sql injection

A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information...

5CVSS7.7AI score0.01254EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/07/08 3:44 p.m.86 views

CVE-2020-20583

CVE-2020-20583 affects LJCMS, specifically the vulnerable endpoint /question.php in Version v4.3.R60321. The root cause is a SQL injection flaw that allows attackers to access sensitive database information. The available documents do not specify an exploit method, active exploitation, or confirm...

7.5CVSS7.6AI score0.01254EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/08 3:44 p.m.20 views

CVE-2020-20583

A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information...

7.7AI score0.01254EPSS
Exploits1References1
CNVD
CNVD
added 2021/03/19 12:0 a.m.1 views

SQL Injection Vulnerability in LJCMS (CNVD-2021-22610)

LJCMS is a free and open source content management system. LJCMS suffers from a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information about a database...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/03/18 12:0 a.m.2 views

SQL Injection Vulnerability in LJCMS of Beijing Liangjing Zhicheng Technology Co., Ltd (CNVD-2021-24966)

LJCMS is a free and open source content management system. Beijing Liangjingzhicheng Technology Co., Ltd LJCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

7.5AI score
Exploits0
Rows per page
Query Builder