Dreamer CMS Security Vulnerability

Dreamer CMS is a Dreamer Content Management System by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS versions prior to 4.0.1, which stems from a directory traversal vulnerability. An attacker can exploit this vulnerability to modify template files or...

velocity: arbitrary code execution when attacker is able to modify templates

A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. The highest threat from this vulnerability is to data confidentiality and integrity...

Mono MonoX CMS Code Execution Vulnerability

MonoX CMS is an ASP.NET-based content management system CMS and social networking platform from Mono Croatia. A security vulnerability exists in Mono MonoX CMS 5.1.40.5152 and earlier versions. The vulnerability can be exploited by an attacker to execute arbitrary code by modifying an ASPX templa...

Command Execution Vulnerability in EyouCms Backend

EyouCms is a free + open source enterprise content management system developed on the core of TP5.0 framework. EyouCms backend command execution vulnerability , attackers can use the vulnerability to modify the template at the existence of getshell vulnerability , you can execute any PHP code...