PHPCMS SQL Injection Vulnerability (CNVD-2022-43217)

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules for news, images, downloads, information, products, etc. A security vulnerability exists in PHPCMS v1.0, which stems from the category parameter in categorymenu.php. No detailed vulnerabilit...

CVE-2022-24607

Luocms v2.0 is affected by SQL Injection in /admin/news/newsok.php...

CVE-2022-24602

Luocms v2.0 is affected by SQL Injection in /admin/news/newsmod.php...

Luocms SQL注入漏洞

Luocms is an article management system. A SQL injection vulnerability exists in Luocms v2.0, which stems from a lack of validation of external input SQL statements in /admin/news/newsmod.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data...

The vulnerability of the addtotopics.php script implementation in the built-in News module of the NukeViet content management system allows a violator to execute arbitrary SQL code.

The vulnerability of the addtotopics.php script, part of the built-in News module in the NukeViet content management system, relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code through the...

CVE-2020-22765

Cross Site Scripting XSS vulnerability in NukeViet cms 4.4.0 via the editor in the News module...

Cross site scripting

Cross Site Scripting XSS vulnerability in NukeViet cms 4.4.0 via the editor in the News module...

NukeViet Cross-Site Scripting Vulnerability

NukeViet is a free open source content management system from Vietnam. NukeViet version 4.4.0 has a cross-site scripting vulnerability that can be exploited by attackers via the editor in the News module to conduct cross-site scripting attacks...

Vinades NukeViet 跨站脚本漏洞

NukeViet is a free open source content management system from Vietnam. NukeViet version 4.4.0 has a cross-site scripting vulnerability that can be exploited by attackers via the editor in the News module to conduct cross-site scripting attacks...

CVE-2020-22765

Cross Site Scripting XSS vulnerability in NukeViet cms 4.4.0 via the editor in the News module...

CVE-2020-22765

NukeViet CMS, version 4.4.0, contains a Cross-Site Scripting (XSS) vulnerability exploitable via the News module editor. The connected documents confirm the affected product and entry point but do not provide root-cause details, exploit status, affected sub-versions beyond 4.4.0, or remediation s...

File Inclusion Vulnerability in PHPSCUP

PHPSCUP is a set of pursuit of simplicity and ease of use of the system, the system is built-in business profile module, news module, product module, talent module, online message module and so on. PHPSCUP file contains a vulnerability that can be exploited by attackers to obtain server control...

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2021-39688)

CMS Made Simple is a simple, easy-to-use content management system developed using PHP, MySQL and Smarty template engine. A cross-site scripting vulnerability exists in the "Setup News" module in the admin panel of CMS Made Simple version 2.2.14. An attacker can exploit this vulnerability to...

CVE-2020-27377

A cross-site scripting XSS vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts...

CVE-2020-27377

A cross-site scripting XSS vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts...

Cross site scripting

A cross-site scripting XSS vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts...

CMS Made Simple 跨站脚本漏洞

CMS Made Simple is a simple, easy-to-use content management system developed using PHP, MySQL and Smarty template engine. A cross-site scripting vulnerability exists in the "Setup News" module in the admin panel of CMS Made Simple version 2.2.14. An attacker can exploit this vulnerability to...

CMS Made Simple 2.2.15 SQL Injection

1 Summary Affected software CMS Made Simple-2.2.15 Vendor URLhttp://www.cmsmadesimple.org/ Vulnerability SQL injection 2 Vulnerability Description The affected software is vulnerable to SQL injection via the m1sortby POST parameter of the News module, reachable via the moduleinterface.php page. T...

CVE-2011-4310

The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles...

CVE-2011-4310

The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles...