59 matches found
CVE-2020-21237
An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute force attacks...
CVE-2020-21237
CVE-2020-21237 affects LJCMS v1.11 and is due to a login-box vulnerability that allows brute-force attempts to hijack user accounts. The available documents explicitly describe a lack of effective protection against brute-force login, enabling account hijacking. No concrete patch details, affecte...
Ljcmsshop SQL Injection Vulnerability
Find a Place LJCMS v1.3 is vulnerable to SQL injection, which can be exploited by attackers to access sensitive database information via a crafted POST request...
CVE-2020-22122
A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...
CVE-2020-22122
A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...
Sql injection
A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...
CVE-2020-22122
Find a Place LJCMS v1.3 contains a SQL injection in /oa.php?c=Staff&a=read that can allow a crafted POST request to access sensitive database information. The affected component appears to be the LJCMS web application’s staff read endpoint; root cause is SQL injection. Several sources (NVD, Red H...
Ljcms SQL注入漏洞
Find a Place LJCMS v1.3 is vulnerable to SQL injection, which can be exploited by attackers to access sensitive database information via a crafted POST request...
CVE-2020-20979
An arbitrary file upload vulnerability in the moveuploadedfile function of LJCMS v4.3 allows attackers to execute arbitrary code...
Privilege escalation
An arbitrary file upload vulnerability in the moveuploadedfile function of LJCMS v4.3 allows attackers to execute arbitrary code...
CVE-2020-20979
An arbitrary file upload vulnerability in the moveuploadedfile function of LJCMS v4.3 allows attackers to execute arbitrary code...
CVE-2020-20979
CVE-2020-20979 concerns an arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3, allowing attackers to execute arbitrary code. Affected software: LJCMS v4.3. Root cause: improper handling in the file upload process via move_uploaded_file. Impact: arbitrary code e...
LJCMS 代码问题漏洞
Ljcmsshop is a Php-based online shopping mall building system developed by China's Ljcms. LJCMS has a security vulnerability , the vulnerability stems from the move upload file function of the arbitrary file upload vulnerability allows an attacker to exploit the vulnerability to execute arbitrary...
LJCMS SQL Injection Vulnerability
LJCMS is a free and open source content management system. SQL injection vulnerability exists in LJCMS, which can be exploited by attackers to obtain sensitive database information...
CVE-2020-20583
A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information...
Sql injection
A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information...
CVE-2020-20583
CVE-2020-20583 affects LJCMS, specifically the vulnerable endpoint /question.php in Version v4.3.R60321. The root cause is a SQL injection flaw that allows attackers to access sensitive database information. The available documents do not specify an exploit method, active exploitation, or confirm...
CVE-2020-20583
A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information...
SQL Injection Vulnerability in LJCMS (CNVD-2021-22610)
LJCMS is a free and open source content management system. LJCMS suffers from a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information about a database...
SQL Injection Vulnerability in LJCMS of Beijing Liangjing Zhicheng Technology Co., Ltd (CNVD-2021-24966)
LJCMS is a free and open source content management system. Beijing Liangjingzhicheng Technology Co., Ltd LJCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...