Lucene search
K

151 matches found

CNVD
CNVD
added 2021/05/28 12:0 a.m.3 views

MetInfo suffers from a SQL injection vulnerability (CNVD-2021-40243)

MetInfo is an open source free CMS building system suitable for enterprise building. MetInfo has a SQL injection vulnerability. Attackers can exploit the vulnerability to obtain sensitive information in the database...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/05/11 12:0 a.m.7 views

YzmCMS Cross-Site Scripting Vulnerability (CNVD-2021-39769)

Yzmcms is an open source CMS Content Management System. A cross-site scripting vulnerability exists in YzmCMS version 5.6. The vulnerability stems from the program using UEditor 1.4.3.3, so the vulnerability can be exploited through the SRC attribute of the IFRAME element in...

6.1CVSS6.2AI score0.00873EPSS
Exploits1References1
CNVD
CNVD
added 2021/04/30 12:0 a.m.2 views

Hurricane CMS 1.1.0 file upload vulnerabilities in the background

Hurricane CMS is an open source CMS system, characterized by all open source, efficient and convenient secondary development, simple background, plug-ins categorized in detail, adapted to various types of websites to expand the construction. Hurricane CMS1.1.0 file upload vulnerability exists in...

7AI score
Exploits0
CNVD
CNVD
added 2021/04/06 12:0 a.m.5 views

SQL injection vulnerability in SongCMS PHP version (CNVD-2021-28484)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. SongCMS PHP version suffers from a SQL injection vulnerability, which can be exploited b...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/03/30 12:0 a.m.2 views

Songcms is vulnerable to arbitrary file downloads

SongCMS is a free and open source CMS based on PHP+MySQL, ASP+Access/SQL Server development, enterprise-oriented, multi-language support. Songcms has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive information...

7AI score
Exploits0
CNVD
CNVD
added 2021/03/26 12:0 a.m.4 views

Command execution vulnerability in SongCMS PHP version (CNVD-2021-26158)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. A command execution vulnerability exists in SongCMS PHP version, which can be exploited ...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/03/25 12:0 a.m.3 views

Command Execution Vulnerability in SongCMS PHP Version of Guangdong Kegel Technology Co. Ltd (CNVD-2021-24956)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. A command execution vulnerability exists in the PHP version of SongCMS by Guangdong Kege...

7.6AI score
Exploits0
CNVD
CNVD
added 2021/03/25 12:0 a.m.2 views

SQL Injection Vulnerability in SongCMS PHP Version of Guangdong Kegel Technology Limited (CNVD-2021-24953)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. A SQL injection vulnerability exists in the PHP version of SongCMS by Guangdong Kager...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/03/10 12:0 a.m.7 views

Unspecified vulnerability in Joomla (CNVD-2021-18386)

Joomla is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source, cross-platform content management system CMS. There is a security vulnerability in Joomla, no detailed vulnerability details are provided at this time...

9.1CVSS6.8AI score0.01567EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/27 12:0 a.m.3 views

SQL injection vulnerability in songcms backend (CNVD-2021-12740)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. SongCMS backend suffers from a sql injection vulnerability. An attacker can exploit this...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/01/27 12:0 a.m.2 views

SQL injection vulnerability in songcms backend (CNVD-2021-12736)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. SongCMS backend suffers from a sql injection vulnerability. An attacker can exploit this...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/01/26 12:0 a.m.2 views

Command Execution Vulnerability in XYHCMS Backend

XYHCMS is a completely open source CMS content management system. XYHCMS back-end command execution vulnerability, an attacker can exploit the vulnerability to obtain server control privileges...

7.2AI score
Exploits0
CNVD
CNVD
added 2021/01/25 12:0 a.m.4 views

Pixelimity Cross-Site Request Forgery Vulnerability

Pixelimity is a PHP-based open source CMS Content Management System. A cross-site request forgery vulnerability exists in Pixelimity version 1.0, which originates from the admin setting.php data Password parameter. No details of the vulnerability are available at this time...

6.8CVSS6.7AI score0.02009EPSS
Exploits2References1
CNVD
CNVD
added 2021/01/23 12:0 a.m.2 views

Command Execution Vulnerability in phpok

PHPOK is a website building content management system to achieve customized open source free website building cms system. phpok there is a command execution vulnerability , an attacker can exploit the vulnerability to execute arbitrary commands...

8.1AI score
Exploits0
CNVD
CNVD
added 2021/01/22 12:0 a.m.2 views

XSS Vulnerability in XYHCMS 3.6

Xing Yunhai CMS XYHCMS is a completely open source CMS content management system. XYHCMS 3.6 has an XSS vulnerability that can be exploited by attackers to obtain user cookie information...

6AI score
Exploits0
CNVD
CNVD
added 2020/12/30 12:0 a.m.3 views

File Deletion Vulnerability in MetInfo

MetInfo is an open source free CMS building system suitable for enterprise building. MetInfo has a file deletion vulnerability that can be exploited by attackers to compromise integrity...

7.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/11/03 8:26 a.m.7 views

opensourcecms.eu Cross Site Scripting vulnerability OBB-1478590

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
CNVD
CNVD
added 2020/08/05 12:0 a.m.1 views

Extreme CMS has multiple vulnerabilities

Extreme CMS is an open source and free PHPCMS web content management system. Extreme CMS has XSS cross-site scripting , SQL injection , ultra-rights access vulnerabilities , attackers can exploit the vulnerability to obtain server privileges...

7AI score
Exploits0
CNVD
CNVD
added 2020/07/24 12:0 a.m.2 views

File Upload Vulnerability in DedeCMS of Shanghai Zhuozhuo Network Technology Company Limited (CNVD-2020-49415)

DedeCMS is an open source content management system. Shanghai Zhuozhuo Network Technology Co., Ltd DedeCMS has a code execution vulnerability that can be exploited by attackers to gain server control privileges...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/07/10 12:0 a.m.2 views

SQL injection vulnerability in YUNUCMS V2***.php file of Zhenjiang Yunyu Network Technology Co. Ltd (CNVD-2020-47320)

YUNUCMS is a free + open source urban substation content management system based on TP5.0 framework as the core development. Zhenjiang Yunyu Network Technology Co., Ltd. YUNUCMS V2.php file SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...

7.9AI score
Exploits0
Rows per page
Query Builder