Logic flaw vulnerability in the la***.php file of Qibo's new X1.0 system

Zibo's new X1.0 system is a website management system based on the latest thinkphp5 framework. A logic flaw vulnerability exists in the la.php file of the Qibo New X1.0 system. An attacker can use the vulnerability to modify the database data to promote ordinary users to super administrator...

Arbitrary File Deletion Vulnerability in CRMEB Knowledge Payment System Backend Sy***.php Document File

CRMEB knowledge payment system is based on ThinkPhp5.0 + Vue development of a new retail live / on-demand knowledge payment system. CRMEB knowledge payment system background Sy.php file file exists arbitrary file deletion vulnerability. Attackers can use the vulnerability to delete arbitrary file...

Directory Traversal Vulnerability in ThinkAdmin v6

ThinkAdmin is a backend management framework based on the latest ThinkPHP V6 development, open source using the MIT protocol. ThinkAdmin v6 has a directory traversal vulnerability. Attackers can use the vulnerability through the POST request rules parameter to exploit the vulnerability to read...

Command Execution Vulnerability in BayCloud CMS

Beyun cms content management system is an open source content management system based on tp5.1. Beyuncms has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

SQL Injection Vulnerability in 115CMS Backend Ad***.php File

115CMS is a content management system developed on ThinkPHP framework. A SQL injection vulnerability exists in the Ad.php file in the 115CMS backend. An attacker can exploit the vulnerability to obtain sensitive database information...

File Upload Vulnerability in ShuipFCMS Content Management System

ShuipFCMS a content management system based on ThinkPHP framework as the core, using an independent grouping approach to development. ShuipFCMS has an arbitrary file upload vulnerability that can be exploited by an attacker to gain administrative privileges on the server...

MileagePHP open-source blog system with arbitrary directory recursive deletion vulnerability

MileagePHP open source blogging system using Thinkphp framework, with easy to read, easy to use and so on. MileagePHP open source blog system has an arbitrary directory recursive deletion vulnerability , an attacker can use the vulnerability for arbitrary directory recursive deletion...

SQL Injection Vulnerability in thinkphp

ThinkPHP was born to simplify enterprise-level application development and agile WEB application development. The earliest born in early 2006, 2007 New Year's Day was officially renamed ThinkPHP, and follow the Apache2 open source protocol release. thinkphp there is a SQL injection vulnerability ...

Arbitrary Directory Deletion Vulnerability in Mile High PHP Open Source Blog System (CNVD-2020-59461)

MileageMi is a ThinkPHP open source blogging system. MileageMi PHP open source blog system has an arbitrary directory deletion vulnerability that can be exploited by attackers to delete directory files...

SQL Injection Vulnerability in MileagePlus PHP Blog System

MileagePHP Blog System is an open source blog system based on ThinkPHP. MileagePHP Blog System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in Guojiz International Website Navigation System

Guojiz International Website Navigation System is developed by ThinkPHP5.0+PHP7.0+Mysql+Apache/Nginx/iis, which is suitable for small and medium-sized webmasters to build a CMS program. Guojiz International Website Navigation System has a SQL injection vulnerability, which can be exploited by...

Command Execution Vulnerability in the Backend of Guojiz International Web Site Navigation System

Guojiz International Website Navigation System is developed by ThinkPHP5.0+PHP7.0+Mysql+Apache/Nginx/iis, which is suitable for small and medium-sized webmasters to build a CMS program. Guojiz international web site navigation system backend command execution vulnerability, attackers can use the...

Command execution vulnerability in FastAdmin backend (CNVD-2020-58827)

FastAdmin is an extremely fast backend development framework based on ThinkPHP and Bootstrap, and a permission management system based on Auth validation. FastAdmin backend has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

TPshop open source mall management background Uploadify page file upload vulnerability

TPshop open source mall is developed with the latest version of ThinkPHP shop mall. TPshop open source mall management background Uploadify page file upload vulnerability. Attackers can use this vulnerability to upload webshell, get server privileges...

TPshop open source mall merchant management background Ueditor page file upload vulnerabilities exist

TPshop open source mall is developed with the latest version of ThinkPHP shop mall. TPshop open source mall merchant management backend file upload vulnerability. Attackers can use this vulnerability to upload webshell, get server privileges...

TPshop open source mall merchant management background Uploadify page file upload vulnerabilities exist

TPshop open source mall is developed with the latest version of ThinkPHP shop mall. TPshop open source mall merchant management background Uploadify page file upload vulnerability. Attackers can use this vulnerability to upload webshell, get server privileges...

File Deletion Vulnerability in CLTPHP Open Source Edition

CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. CLTPHP open source version exists file deletion vulnerability. An attacker can exploit the vulnerability to delete arbitrary files , resulting in a program crash...

File upload vulnerability in lemocms Up***.php file

lemocms aka lemocms backend management system is a completely open source project based on the latest version of ThinkPHP6, layui+easywechat framework development, easy to extend the functionality, code maintenance, and convenient for the second development. lemocms Up.php file file upload...

Logic Flaw Vulnerability in LeShang Mall Open Source System (CNVD-2020-50729)

LeShangMall is a lightweight mall website management system, based on Thinkphp5+Mysql architecture, can run on Linux, Windows, MacOSX, Solaris and other platforms, the template is separated from the program, support for custom pseudo-static, the front template using DIV + CSS design can be orient...

SQL Injection Vulnerability in niushop_b2c Single Merchant E-commerce System

niushop b2c single merchant e-commerce system is a thinkphp5.0 MySQL development language development, completely open source mall system can be used for enterprises, individuals to establish their own online free mall. niushopb2c single merchant e-commerce system SQL injection vulnerability ,...