39 matches found
CVE-2023-43358
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component...
CVE-2023-43345
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component...
EUVD-2020-21839
Malware in sbrugna...
EUVD-2023-47777
Malicious code in bioql PyPI...
CVE-2022-32061
An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file...
CVE-2020-29469
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...
SourceCodester Phone Contact Manager System 安全漏洞
SourceCodester Phone Contact Manager System is an open source phone contact management system from SourceCodester. A security vulnerability exists in SourceCodester Phone Contact Manager System version 1.0, which is caused by a buffer overflow issue in the UserInterface::MenuDisplayStart function...
PT-2024-17562 · Sourcecodester · Sourcecodester Phone Contact Manager System
Name of the Vulnerable Software and Affected Versions: SourceCodester Phone Contact Manager System version 1.0 Description: The issue is related to insufficient input validation, which can allow an attacker to execute arbitrary code. It affects the function UserInterface::MenuDisplayStart of the...
SEMCMS Security Breach
SEMCMS is a multilingual content management system CMS for foreign trade websites. A security vulnerability exists in SEMCMS v.4.8, which originates from an SQL injection vulnerability. The vulnerability can be exploited to execute arbitrary code and obtain sensitive information via the...
flusity CMS Cross-Site Request Forgery Vulnerability
flusity CMS is a user interaction interface solution where code can be easily changed or added. A cross-site request forgery vulnerability exists in flusity CMS version v2.33, which stems from a cross-site request forgery CSRF vulnerability in component /core/tools/updatemenu.php...
CVE-2023-43352
An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu component...
CMS Made Simple Security Breach
CMS Made Simple CMSMS is an open source content management system CMS by Cmsms team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A security vulnerability exists in CMS Made Simple v.2.2.18, whi...
CVE-2023-43360
CMS Made Simple 2.2.18 is affected by a Cross-Site Scripting vulnerability in the File Picker Menu’s Top Directory parameter. A local attacker can inject crafted scripts to gain arbitrary code execution within the CMS. Root cause: improper handling of user-supplied input in the Top Directory fiel...
Cross site scripting
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component...
CVE-2023-43353
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component...
CVE-2023-43353
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component...
Cross site scripting
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component...
CVE-2023-43353
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component...
CVE-2023-43345
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component...
Cross site scripting
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component...