151 matches found
MetInfo suffers from a SQL injection vulnerability (CNVD-2021-40243)
MetInfo is an open source free CMS building system suitable for enterprise building. MetInfo has a SQL injection vulnerability. Attackers can exploit the vulnerability to obtain sensitive information in the database...
YzmCMS Cross-Site Scripting Vulnerability (CNVD-2021-39769)
Yzmcms is an open source CMS Content Management System. A cross-site scripting vulnerability exists in YzmCMS version 5.6. The vulnerability stems from the program using UEditor 1.4.3.3, so the vulnerability can be exploited through the SRC attribute of the IFRAME element in...
Hurricane CMS 1.1.0 file upload vulnerabilities in the background
Hurricane CMS is an open source CMS system, characterized by all open source, efficient and convenient secondary development, simple background, plug-ins categorized in detail, adapted to various types of websites to expand the construction. Hurricane CMS1.1.0 file upload vulnerability exists in...
SQL injection vulnerability in SongCMS PHP version (CNVD-2021-28484)
SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. SongCMS PHP version suffers from a SQL injection vulnerability, which can be exploited b...
Songcms is vulnerable to arbitrary file downloads
SongCMS is a free and open source CMS based on PHP+MySQL, ASP+Access/SQL Server development, enterprise-oriented, multi-language support. Songcms has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive information...
Command execution vulnerability in SongCMS PHP version (CNVD-2021-26158)
SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. A command execution vulnerability exists in SongCMS PHP version, which can be exploited ...
Command Execution Vulnerability in SongCMS PHP Version of Guangdong Kegel Technology Co. Ltd (CNVD-2021-24956)
SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. A command execution vulnerability exists in the PHP version of SongCMS by Guangdong Kege...
SQL Injection Vulnerability in SongCMS PHP Version of Guangdong Kegel Technology Limited (CNVD-2021-24953)
SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. A SQL injection vulnerability exists in the PHP version of SongCMS by Guangdong Kager...
Unspecified vulnerability in Joomla (CNVD-2021-18386)
Joomla is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source, cross-platform content management system CMS. There is a security vulnerability in Joomla, no detailed vulnerability details are provided at this time...
SQL injection vulnerability in songcms backend (CNVD-2021-12740)
SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. SongCMS backend suffers from a sql injection vulnerability. An attacker can exploit this...
SQL injection vulnerability in songcms backend (CNVD-2021-12736)
SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. SongCMS backend suffers from a sql injection vulnerability. An attacker can exploit this...
Command Execution Vulnerability in XYHCMS Backend
XYHCMS is a completely open source CMS content management system. XYHCMS back-end command execution vulnerability, an attacker can exploit the vulnerability to obtain server control privileges...
Pixelimity Cross-Site Request Forgery Vulnerability
Pixelimity is a PHP-based open source CMS Content Management System. A cross-site request forgery vulnerability exists in Pixelimity version 1.0, which originates from the admin setting.php data Password parameter. No details of the vulnerability are available at this time...
Command Execution Vulnerability in phpok
PHPOK is a website building content management system to achieve customized open source free website building cms system. phpok there is a command execution vulnerability , an attacker can exploit the vulnerability to execute arbitrary commands...
XSS Vulnerability in XYHCMS 3.6
Xing Yunhai CMS XYHCMS is a completely open source CMS content management system. XYHCMS 3.6 has an XSS vulnerability that can be exploited by attackers to obtain user cookie information...
File Deletion Vulnerability in MetInfo
MetInfo is an open source free CMS building system suitable for enterprise building. MetInfo has a file deletion vulnerability that can be exploited by attackers to compromise integrity...
opensourcecms.eu Cross Site Scripting vulnerability OBB-1478590
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Extreme CMS has multiple vulnerabilities
Extreme CMS is an open source and free PHPCMS web content management system. Extreme CMS has XSS cross-site scripting , SQL injection , ultra-rights access vulnerabilities , attackers can exploit the vulnerability to obtain server privileges...
File Upload Vulnerability in DedeCMS of Shanghai Zhuozhuo Network Technology Company Limited (CNVD-2020-49415)
DedeCMS is an open source content management system. Shanghai Zhuozhuo Network Technology Co., Ltd DedeCMS has a code execution vulnerability that can be exploited by attackers to gain server control privileges...
SQL injection vulnerability in YUNUCMS V2***.php file of Zhenjiang Yunyu Network Technology Co. Ltd (CNVD-2020-47320)
YUNUCMS is a free + open source urban substation content management system based on TP5.0 framework as the core development. Zhenjiang Yunyu Network Technology Co., Ltd. YUNUCMS V2.php file SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...