EyouCMS 注入漏洞

EyouCMS is an open-source content management system CMS developed by Eyou Corporation in China, based on ThinkPHP. EyouCMS versions 1.7.9 and earlier have a vulnerability related to injection attacks. This vulnerability arises from improper handling of the editFile function in the file...

wtcms 安全漏洞

wtcms is a ThinkPHP-based content management system CMS by Taosir Personal Developer. A security vulnerability exists in version 1.0 of wtcms, which stems from vulnerability to SQL injection attacks via the parentid parameter in file /AdminControllerNavControl.class.php...

X-Man SQL注入漏洞

X-Man is a backend system based on ThinkPHP framework developed by S1xGod individual developers. A security vulnerability exists in X-Man version 1.0. An attacker exploited the vulnerability to perform SQL injection attacks...

Twothink 安全漏洞

Twothink is a software application. Twothink is an open source content management framework developed using the latest ThinkPHP version 5.0.2 to provide a more convenient and secure WEB application development experience , using a new architectural design and namespace mechanism , a blend of...

Code Execution Vulnerability in KiteCMS Backend

KiteCMS open source web content management system CMS, the system is based on the framework ThinkPHP5.1. version of the development , applicable to individuals and enterprises to quickly build stations and development needs. Provide website templates for various industries , the system uses a...

TuziCMS v3.0 Ma*** Gu***.cl***.php suffers from SQL injection vulnerability

TuziCMS is an enterprise website management system based on ThinkPHP 3.2 framework. TuziCMS v3.0 Ma Gu.cl.php suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information about the database...

File upload vulnerability exists in BeyongCms (CNVD-2020-31489)

BeyongCms is a content management system based on ThinkPHP 5.1 framework. A file upload vulnerability exists in BeyongCms. An attacker can exploit this vulnerability to upload malicious files and gain administrative privileges on the server...

Arbitrary File Deletion Vulnerability in DSCMS Enterprise Content Management System

DSCMS is Changsha Deshaun network based on ThinkPHP5.0 framework development, using PHP + Mysql architecture, is a suitable for the construction of enterprise website cms station building system features a comprehensive SEO-friendly dual-language open source CMS system. DSCMS enterprise station...

EyouCms suffers from SQL injection vulnerability (CNVD-2020-02271)

EyouCms is a free + open source enterprise content management system developed on the core of TP5.0 framework. EyouCms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive database information...

Arbitrary File Read Vulnerability in LFCMS Version 3.4.0

LFCMS is a film and television content management system developed in PHP and based on THINKPHP framework suitable for all kinds of video, film and television websites. LFCMS 3.4.0 version of the arbitrary file reading vulnerability, attackers can use the vulnerability to obtain the source code o...

SQL Injection Vulnerability in check_need_status, check_pay_sum Methods of WK+shop General Mall System

WK+shop is a mall system based on the technology of PHP+MySQL, developed using ThinkPHP5.0 framework, which combines the Witcott mission system with multiple mall systems. WK+shop general mall system checkneedstatus, checkpaysum method SQL injection vulnerability, attackers can construct a specif...