274 matches found
CVE-2026-4563
MacCMS (up to 2025.1000.4052) contains a vulnerability in the function order_info within application/index/controller/User.php of the Member Order Detail Interface that allows authorization bypass via manipulation of the order_id parameter. A remote attack is possible, and public exploits exist o...
CVE-2026-4562 MacCMS Timming API Endpoint Timming.php weak authentication
A security flaw has been discovered in MacCMS 2025.1000.4052. This affects an unknown part of the file application/api/controller/Timming.php of the component Timming API Endpoint. The manipulation results in missing authentication. The attack may be performed from remote. The exploit has been...
CVE-2026-4562 MacCMS Timming API Endpoint Timming.php weak authentication
A security flaw has been discovered in MacCMS 2025.1000.4052. This affects an unknown part of the file application/api/controller/Timming.php of the component Timming API Endpoint. The manipulation results in missing authentication. The attack may be performed from remote. The exploit has been...
CVE-2026-4562
A security flaw has been discovered in MacCMS 2025.1000.4052. This affects an unknown part of the file application/api/controller/Timming.php of the component Timming API Endpoint. The manipulation results in missing authentication. The attack may be performed from remote. The exploit has been...
CVE-2026-4562
The CVE-2026-4562 entry describes a security flaw in MacCMS version 2025.1000.4052 affecting an unknown part of application/api/controller/Timming.php within the Timming API Endpoint. The vulnerability permits missing authentication, with remote exploitation possible and the exploit publicly rele...
PT-2026-27033
Name of the Vulnerable Software and Affected Versions MacCMS version 2025.1000.4052 Description A security flaw exists in MacCMS that allows for missing authentication. The issue is located in the file application/api/controller/Timming.php within the Timming API Endpoint component. The attack ca...
PT-2026-27035
Name of the Vulnerable Software and Affected Versions MacCMS versions prior to 2025.1000.4052 Description A weakness exists in MacCMS that allows authorization bypass. This issue affects the order info function within the application/index/controller/User.php file, specifically within the Member...
CVE-2018-19465
Maccms through 8.0 allows XSS via the sitekeywords field to index.php?m=system-config because of tpl/module/system.php and tpl/html/systemconfig.html, related to template/paody/html/vodindex.html...
CVE-2022-26573
Maccms v10 was discovered to contain multiple reflected cross-site scripting XSS vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters...
CVE-2022-27886
Maccms v10 was discovered to contain a reflected cross-site scripting XSS vulnerability in /admin.php/admin/ulog/index.html via the wd parameter...
CVE-2022-27887
Maccms v10 was discovered to contain a reflected cross-site scripting XSS vulnerability in /admin.php/admin/vod/data.html via the repeat parameter...
EUVD-2020-13860
Malware in sbrugna...
EUVD-2020-13861
Malware in sbrugna...
EUVD-2020-14159
Malware in sbrugna...
EUVD-2019-17800
Malware in sbrugna...
EUVD-2018-4092
Malware in sbrugna...
EUVD-2020-14158
Malware in sbrugna...
EUVD-2018-11154
Malware in sbrugna...
EUVD-2020-14206
Malware in sbrugna...
EUVD-2020-13301
Malware in sbrugna...