21 matches found
EUVD-2025-27220
Malicious code in bioql PyPI...
CVE-2025-10122
A vulnerability was found in Maccms10 2025.1000.4050. Affected is the function rep of the file application/admin/controller/Database.php. Performing manipulation of the argument where results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be use...
CVE-2025-10122
A vulnerability was found in Maccms10 2025.1000.4050. Affected is the function rep of the file application/admin/controller/Database.php. Performing manipulation of the argument where results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be use...
CVE-2025-10122 Maccms10 Database.php rep sql injection
A vulnerability was found in Maccms10 2025.1000.4050. Affected is the function rep of the file application/admin/controller/Database.php. Performing manipulation of the argument where results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be use...
PT-2025-36564
Name of the Vulnerable Software and Affected Versions: Maccms10 version 2025.1000.4050 Description: A SQL injection issue exists in the rep function of the application/admin/controller/Database.php file. Manipulation of the where argument can lead to SQL injection. The attack can be initiated...
maccms10 SQL注入漏洞
maccms10 is magicblack open source PHP+MYSQL environment to run a set of perfect and powerful rapid site-building system. maccms10 2025.1000.4050 version of the SQL injection vulnerabilities exist in the file application/admin/controller/Database. maccms10 2025.1000.4050 version of the SQL...
maccms10 安全漏洞
maccms10 is magicblack open source a set of PHP + MYSQL environment running under the perfect and powerful rapid site building system. A security vulnerability exists in maccms10 version v2025.1000.4047, which originates from a server-side request forgery in the Capture Custom Interface feature...
maccms10 安全漏洞
maccms10 is magicblack open source a set of PHP + MYSQL environment running under the perfect and powerful rapid website building system. A security vulnerability exists in maccms10 version v2025.1000.4047, which originates from a server-side request forgery in the Add Article feature...
CVE-2022-47872
A Server-Side Request Forgery SSRF in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module...
CVE-2022-47872
A Server-Side Request Forgery SSRF in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module...
CVE-2022-27885
Maccms v10 was discovered to contain multiple reflected cross-site scripting XSS vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters...
CVE-2022-27884
Maccms v10 was discovered to contain a reflected cross-site scripting XSS vulnerability in /admin.php/admin/plog/index.html via the wd parameter...
CVE-2022-27886
Maccms v10 was discovered to contain a reflected cross-site scripting XSS vulnerability in /admin.php/admin/ulog/index.html via the wd parameter...
CVE-2022-26573
Maccms v10 was discovered to contain multiple reflected cross-site scripting XSS vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters...
PT-2022-17937
Name of the Vulnerable Software and Affected Versions Maccms version 10 Description The issue is related to multiple reflected cross-site scripting XSS vulnerabilities. These vulnerabilities are found in the /admin.php/admin/art/data.html endpoint via the select and input parameters...
Maccms 跨站脚本漏洞
Maccms is a PHP-based video content management system CMS. v10 version of Maccms is vulnerable to a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied data and output. An attacker can use the vulnerability to attack through the...
CVE-2020-21434
Maccms 10 contains a cross-site scripting XSS vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field...
CVE-2020-21387
A cross-site scripting XSS vulnerability in the parameter typeen of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload...
CVE-2019-9829
Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/defaultpc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates...
MACCMS 10 Cross-Site Request Forgery Vulnerability
MacCMS program is a fast shadow video building system that runs on PHP+MYSQL environment. MACCMS 10 has a cross-site request forgery vulnerability, which can be exploited by attackers to arbitrarily add to users...