156 matches found
CVE-2026-38930
OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...
CVE-2026-38930
OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...
OpenRapid RapidCMS 安全漏洞
OpenRapid RapidCMS is a fast, simple, and useful CMS system developed under the OpenRapid open-source framework. Version 1.3.1 of OpenRapid RapidCMS contains a security vulnerability. This vulnerability stems from a flaw in the /template/default/menu.php component, where authentication bypasses a...
CVE-2026-38930
OpenRapid RapidCMS v1.3.1 has an authentication bypass in /template/default/menu.php. The issue arises from injecting a crafted SQL payload into the name cookie parameter, enabling bypass of authentication. Documentation indicates a network-level vector with low confidentiality/integrity impact (...
CVE-2026-38930
OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...
CVE-2026-38930
OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...
PT-2026-44038
OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...
CVE-2023-4446
A vulnerability, which was classified as critical, was found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file template/default/category.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associate...
CVE-2023-4447
A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. This vulnerability affects unknown code of the file admin/article-chat.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2025-64047
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting XSS in /user/user-move.php...
CVE-2025-64047
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting XSS in /user/user-move.php...
CVE-2025-64047
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting XSS in /user/user-move.php...
OpenRapid RapidCMS 安全漏洞
OpenRapid RapidCMS is a fast and easy to use CMS system from OpenRapid open source. A security vulnerability exists in OpenRapid RapidCMS version 1.3.1, which originates from a cross-site scripting vulnerability in /user/user-move.php...
CVE-2025-64047
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting XSS in /user/user-move.php...
CVE-2025-64047
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting XSS in /user/user-move.php...
CVE-2025-64047
CVE-2025-64047 affects OpenRapid RapidCMS 1.3.1 and is described as vulnerable to Cross Site Scripting (XSS) in the endpoint /user/user-move.php. The connected Red Hat, ENISA ENISA EUVD, NVD, OSV, CNNVD, CVE/CVEs listings, and vuln enrichment sources, all confirm a XSS issue for this version. The...
PT-2025-47954
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting XSS in /user/user-move.php...
CVE-2025-64046
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting XSS in /system/update-run.php...
EUVD-2025-197816
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting XSS in /system/update-run.php...
CVE-2025-64046
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting XSS in /system/update-run.php...