Lucene search
K

14 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

SEMCMS 访问控制错误漏洞

SEMCMS is an open-source content management system CMS for foreign trade websites that supports multiple languages. Version SEMCMS 5.0 has a access control vulnerability, which stems from an unauthorized access vulnerability in the SEMCMScopy.php file...

7.5CVSS5.3AI score0.00232EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.14 views

PT-2026-32961

BoidCMS is an open-source, PHP-based flat-file CMS for building simple websites and blogs, using JSON as its database. Versions prior to 2.1.3 are vulnerable to a critical Local File Inclusion LFI attack via the tpl parameter, which can lead to Remote Code Execution RCE.The application fails to...

7.2CVSS6AI score0.00731EPSS
Exploits2References4
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.5 views

Formwork 跨站脚本漏洞

Formwork is Formwork open source a flat file based content management system CMS. It is used to build and manage simple websites. A cross-site scripting vulnerability exists in Formwork versions prior to 2.2.0, which stems from an uncleaned blog tag field input that could lead to a stored...

6.5CVSS5.7AI score0.00174EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.3 views

Xibo 安全漏洞

Xibo is an open source content management system from Xibo Digital Signage. A security vulnerability exists in Xibo that originates from a session hijacking via token exposure on a session page...

7.2CVSS6.7AI score0.00802EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/02/26 12:0 a.m.4 views

Strapi 安全漏洞

Strapi is an open source headless content management system CMS. Strapi is vulnerable to an operating system command injection vulnerability that originates from arbitrary command injection in the GitHub repository. No detailed vulnerability details are currently available...

7.2CVSS5.9AI score0.00782EPSS
Exploits1References5
CNVD
CNVD
added 2021/09/29 12:0 a.m.34 views

PortlandLabs Concrete CMS Cross-Site Scripting Vulnerability (CNVD-2021-76088)

PortlandLabs Concrete Cms is a team-oriented open source content management system for the United States PortlandLabs . A cross-site scripting vulnerability exists in PortlandLabs Concrete CMS that stems from the failure of the website field of the product's podcast comment feature to properly...

6.1CVSS6.3AI score0.0063EPSS
Exploits0References1
CNVD
CNVD
added 2021/04/19 12:0 a.m.3 views

File Upload Vulnerability in Super cms v2.39 (CNVD-2021-32175)

Super CMS content management system by the SEO Research Center moonseo.cn in order to solve the problem of website optimization and research and development of a set of products, this product adopts an object-oriented approach to independent research and development of the MVC framework...

7AI score
Exploits0
CNVD
CNVD
added 2021/04/17 12:0 a.m.4 views

Command execution vulnerability in kiteCMS backend

KiteCMS open source web content management system CMS, the system is based on the framework ThinkPHP5.1. version of the development, applicable to individuals and enterprises to quickly build stations and development needs. kiteCMS backend command execution vulnerability , attackers can exploit t...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/04/01 12:0 a.m.4 views

YzmCMS has an arbitrary file download vulnerability

YzmCMS is a lightweight open source content management system based on YZMPHP. YzmCMS has an arbitrary file download vulnerability that can only be exploited by attacks to obtain sensitive information...

7AI score
Exploits0
CNVD
CNVD
added 2016/02/27 12:0 a.m.3 views

Yeager Cross-Site Scripting Vulnerability

Yeager is an open source content management system . Yeager suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when malicious...

5.9AI score
Exploits4References1
ThreatPost
ThreatPost
added 2015/01/15 1:27 p.m.10 views

Parking Services Confirm Payment Card Breaches

Two services that allow users to reserve over the Internet offsite parking spots at airports confirmed week that they recently suffered data breaches and customer data may be at risk. Park ‘N Fly, headquartered in Atlanta, and OneStopParking, which is based in Florence, Ky, allow travelers to...

0.3AI score
Exploits0References7
OpenVAS
OpenVAS
added 2013/10/10 12:0 a.m.34 views

Debian Security Advisory DSA 2772-1 (typo3-src - cross-site scripting)

Markus Pieton and Vytautas Paulikas discovered that the embedded video and audio player in the TYPO3 web content management system is suspectible to cross-site-scripting. OpenVAS Vulnerability Test $Id: deb2772.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2772-1 usin...

4.3CVSS0.2AI score0.06414EPSS
Exploits1References1
securityvulns
securityvulns
added 2004/04/22 12:0 a.m.28 views

[waraxe-2004-SA#022 - Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2]

================================================================================ waraxe-2004-SA022 ================================================================================ Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2004/04/19 12:0 a.m.33 views

[Full-Disclosure] [waraxe-2004-SA#020 - Multiple vulnerabilities in PostNuke 0.726 Phoenix]

================================================================================ waraxe-2004-SA020 ================================================================================ Multiple vulnerabilities in PostNuke 0.726 Phoenix...

Exploits0
Rows per page
Query Builder