20 matches found
CVE-2019-16644
App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Zhuanti/group?id= substring...
EUVD-2019-7210
Malware in sbrugna...
CVE-2019-16642
App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring...
PT-2023-15127 · Tuzicms · Tuzicms
Name of the Vulnerable Software and Affected Versions: Tuzicms version 2.0.6 Description: A SQL injection issue was found in the UserController.class.php component, located in AppManageController. Recommendations: For Tuzicms version 2.0.6, update to a newer version that contains a fix for this...
CVE-2023-0243
A vulnerability classified as critical has been found in TuziCMS 2.0.6. This affects the function index of the file App\Manage\Controller\ArticleController.class.php of the component Article Module. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
CVE-2023-0244 TuziCMS KefuController.class.php delall sql injection
A vulnerability classified as critical was found in TuziCMS 2.0.6. This vulnerability affects the function delall of the file \App\Manage\Controller\KefuController.class.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...
PT-2023-16107 · Tuzicms · Tuzicms
Name of the Vulnerable Software and Affected Versions: TuziCMS version 2.0.6 Description: A critical vulnerability was found in TuziCMS, affecting the delall function of the file AppManageControllerKefuController.class.php. The manipulation of the id argument leads to SQL injection. The attack ca...
CVE-2022-23882
TuziCMS 2.0.6 is affected by SQL injection in \App\Manage\Controller\BannerController.class.php...
Sql injection
TuziCMS 2.0.6 is affected by SQL injection in \App\Manage\Controller\BannerController.class.php...
CVE-2022-23882
TuziCMS 2.0.6 is affected by SQL injection in \App\Manage\Controller\BannerController.class.php...
CVE-2019-16658
TuziCMS 2.0.6 has index.php/manage/notice/doadd CSRF...
CVE-2019-16659
TuziCMS 2.0.6 has index.php/manage/link/doadd CSRF...
CVE-2019-16657
TuziCMS 2.0.6 has XSS via the PATHINFO to a group URI, as demonstrated by index.php/article/group/id/2/...
Cross site request forgery (csrf)
TuziCMS 2.0.6 has index.php/manage/link/doadd CSRF...
Code injection
TuziCMS 2.0.6 has XSS via the PATHINFO to a group URI, as demonstrated by index.php/article/group/id/2/...
Cross site request forgery (csrf)
TuziCMS 2.0.6 has index.php/manage/notice/doadd CSRF...
CVE-2019-16657
TuziCMS 2.0.6 has XSS via the PATHINFO to a group URI, as demonstrated by index.php/article/group/id/2/...
CVE-2019-16658
TuziCMS 2.0.6 has index.php/manage/notice/doadd CSRF...
CVE-2019-16659
TuziCMS 2.0.6 has index.php/manage/link/doadd CSRF...
Sql injection
App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring...