Lucene search
K

72 matches found

Cvelist
Cvelist
added 2021/07/26 5:3 p.m.18 views

CVE-2021-37392

In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. When the API functions are enabled, the attacker can use API to update user nickname with XSS payload and achieve stored XSS. Users who view the articles published by the injected user will...

5.4AI score0.00527EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.6 views

RPCMS 跨站脚本漏洞

RPCMS is a software application, a web CMS system. RPCMS suffers from a cross-site scripting vulnerability that stems from a failure to properly clean up the nickname variable before it is displayed on a page in RPCMS v1.8 versions and below. With the API functionality turned on, an attacker can...

5.4CVSS5.3AI score0.00527EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.4 views

RPCMS 安全漏洞

RPCMS is a software application. A website CMS system. A security vulnerability exists in RPCMS, which originates in RPCMS v1.8 and below, that can be exploited by an attacker to interact with the API to change the variable "role" to "admin" for administrator user registration...

8.8CVSS7.9AI score0.01171EPSS
Exploits1References3
CNVD
CNVD
added 2021/07/05 12:0 a.m.17 views

SQL Injection Vulnerability in RPCMS (CNVD-2021-51820)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL. RPCMS suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/07/05 12:0 a.m.8 views

SQL Injection Vulnerability in RPCMS (CNVD-2021-51833)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL. RPCMS suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/07/05 12:0 a.m.13 views

SQL Injection Vulnerability in RPCMS (CNVD-2021-51832)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL. RPCMS suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/07/05 12:0 a.m.8 views

SQL Injection Vulnerability in RPCMS (CNVD-2021-51831)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL. RPCMS suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/06/15 12:0 a.m.8 views

RPCMS suffers from a file upload vulnerability (CNVD-2021-45388)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL. RPCMS suffers from a file upload vulnerability. An attacker can exploit this vulnerability to gain server privileges...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/06/15 12:0 a.m.11 views

SQL Injection Vulnerability in RPCMS (CNVD-2021-45386)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL. RPCMS suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/06/03 12:0 a.m.3 views

SQL Injection Vulnerability in RPCMS (CNVD-2021-40742)

RPCMS is a lightweight php content management system, which can be used as a blog system, corporate website system, etc. RPCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.7AI score
Exploits0
CNVD
CNVD
added 2021/06/03 12:0 a.m.4 views

RPCMS has a file upload vulnerability

RPCMS is a lightweight php content management system, which can be used as a blog system, corporate website system, etc. RPCMS has a file upload vulnerability that can be exploited by attackers to gain server privileges...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/04/19 12:0 a.m.1 views

SQL Injection Vulnerability in rpcms Backend

rpcms a lightweight php content management system , can be a blog system , enterprise website system , information system . It is small , lightweight , but feature-rich , scalable . rpcms background SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive database...

7.5AI score
Exploits0
Rows per page
Query Builder