30 matches found
CVE-2021-26794
Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file...
CVE-2021-26794
Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file...
CVE-2021-26794
CVE-2021-26794 affects FrogCMS SentCMS v0.9.5, allowing remote code execution via a crafted PHP file uploaded through upload.php. Multiple connected sources (RH Red Hat, CVE lists, CP advisories, CNVD/CNNVD equivalents, and CVE records) describe it as a privilege escalation leading to arbitrary c...
File Upload Vulnerability in SentCMS of Nanchang Tengshu Technology Co.
SentCMS is a website management system created by Nanchang Tengshu Technology Co. Ltd. SentCMS suffers from a file upload vulnerability that can be exploited by attackers to upload scripts and gain control of the web server...
File Upload Vulnerability in SentCMS Web Management System
SentCMS website management system is a simple and easy-to-use website management system created by Nanchang Tengshu Technology Co. A file upload vulnerability exists in SentCMS, which can be exploited by attackers to upload scripts and gain control of the web server...
File Upload Vulnerability in SentCMS v3.0.1707
SentCMS website management system is a simple and easy-to-use website management system created by Nanchang Tengshu Technology Co. A file upload vulnerability exists in SentCMS v3.0.1707, which is due to the system failing to effectively filter uploaded files. An attacker can exploit this...
Code Execution Vulnerability in SentCMS v3.0.1707
SentCMS website management system is a simple and easy-to-use website management system created by Nanchang Tengshu Technology Co. A code execution vulnerability exists in SentCMS v3.0.1707, which is caused by the system failing to effectively filter data written to cache files. An attacker can u...
File upload vulnerability in frontend of sentcms v3.0.170127
SentCMS website management system is a simple and easy-to-use website management system created by Nanchang Tengshu Technology Co. SentCMS v3.0.170127 has a file upload vulnerability, due to the system fails to strictly detect the editor function when uploading files. A remote attacker can use th...
Arbitrary User Password Reset Vulnerability in sentcms v3.0.170127
SentCMS website management system is a simple and easy-to-use website management system created by Nanchang Tengshu Technology Co. SentCMS v3.0.170127 has an arbitrary user password reset vulnerability, which occurs because the system fixes the encryption key. An attacker can reset any user's...
Logic Design Vulnerability in SentCMS v3.0.1707
SentCMS is a website management system of Nanchang Tengshu Technology Co. A logical design vulnerability exists in SentCMS v3.0.1707. The vulnerability exists in \application\user\controller\Profile.php, which allows an attacker to modify the administrator's information by modifying the member's...