23 matches found
The vulnerability of the admin/info.php?shuyu component of the LAOBANCMS software allows a hacker to execute arbitrary code.
The vulnerability of the admin/info.php?shuyu component of the LAOBANCMS software is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
SQL injection vulnerability in Laoban CMS V2.0 ca***.php page
Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. A SQL injection vulnerability exists in the Laoban CMS V2.0ca.php page. An attacker can exploit this vulnerability to obtain sensitiv...
SQL Injection Vulnerability in Laoban CMS V2.0 ty***.php Page
Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. A SQL injection vulnerability exists in the Laoban CMS V2.0 ty.php page. An attacker can exploit this vulnerability to obtain sensiti...
SQL Injection Vulnerability in Laoban CMS V2.0 to***.php Page
Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. A SQL injection vulnerability exists in the Laoban CMS V2.0 to.php page. An attacker can exploit this vulnerability to obtain sensiti...
LAOBANCMS Cross-Site Scripting Vulnerability
Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 suffers from a cross-site scripting vulnerability. Attackers can use this vulnerability through admin/art.php?typeid=1 title paramet...
LAOBANCMS cross-site scripting vulnerability (CNVD-2018-23073)
Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 suffers from a cross-site scripting vulnerability. An attacker can exploit this vulnerability by using the first input field of...
LAOBANCMS Administrator Password Reset Vulnerability
Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 has an administrator password reset vulnerability. Attackers can use this vulnerability to reset the administrator password even if...
LAOBANCMS Information Disclosure Vulnerability
Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 suffers from an information disclosure vulnerability. A remote attacker can exploit this vulnerability by directly requesting the...
LAOBANCMS Arbitrary File Deletion Vulnerability
Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 has an arbitrary file deletion vulnerability. An attacker can delete arbitrary files by admin/pic.php del parameter ... / directory...
LAOBANCMS SQL Injection Vulnerability
Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 has a SQL injection vulnerability. Attackers can exploit this vulnerability through the admin/login.php guanliyuan parameter for SQL...
LAOBANCMS cross-site scripting vulnerability (CNVD-2018-23076)
Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 suffers from a cross-site scripting vulnerability. Attackers can use the vulnerability through the admin/liuyan.php neirong paramete...
CVE-2018-19227
An issue was discovered in LAOBANCMS 2.0. It allows XSS via the admin/liuyan.php neirong parameter...
CVE-2018-19220
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI...
CVE-2018-19225
An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF...
SQL Injection Vulnerability in Laoban CMS
Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. Laoban CMS suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information...
XSS Vulnerability in Laoban CMS V2.0
Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. Laoban CMS V2.0 exists XSS vulnerability, the vulnerability stems from the system fails to html materialization of the message data,...
Arbitrary file reading vulnerability in Laoban CMS backend
Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. There is an arbitrary file reading vulnerability in the background of Laoban CMS. An attacker can exploit the vulnerability to read...
Arbitrary File Deletion Vulnerability in Laoban CMS v2.0
Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. Laoban CMS v2.0 has an arbitrary file deletion vulnerability. The vulnerability is due to the program in the deletion of pictures, di...
File Upload Vulnerability in Laoban CMS Backend
Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. File upload vulnerability exists in the background of Laoban CMS. It allows attackers to upload webshell and gain server privileges...
SQL Injection Vulnerabilities in Laoban CMS v2.0
Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. SQL injection vulnerability exists in several pages of Laoban CMS v2.0. An attacker can exploit the vulnerability to execute arbitrar...