40 matches found
HuangDou UTCMS V9 - OS Command Injection
A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection.The attack may be launched remotely. The...
EUVD-2024-50209
Malicious code in bioql PyPI...
EUVD-2024-50210
Malicious code in bioql PyPI...
EUVD-2025-28846
Malicious code in bioql PyPI...
CVE-2025-56407
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/mysql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-56407
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/mysql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-56407
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/mysql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-56407
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/mysql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been...
UTCMS 安全漏洞
UTCMS is a content management system built on the UT framework by the individual developer of usaltool. A security vulnerability exists in UTCMS version V9, which originates from SQL injection due to incorrect manipulation of the parameter sql in the file app/modules/ut-data/admin/mysql.php...
CVE-2025-56407
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/mysql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-56407
The CVE-2025-56407 entry affects HuangDou UTCMS V9, specifically the RunSql function in app/modules/ut-data/admin/mysql.php. The root cause is manipulation of the sql argument that enables SQL injection, with remote exploitation and publicly disclosed exploit capabilities. Public sources consiste...
CVE-2025-9401
A vulnerability has been found in HuangDou UTCMS 9. This vulnerability affects unknown code of the file app/modules/ut-frame/admin/login.php of the component Login. Such manipulation of the argument code leads to incorrect comparison. The attack can be executed remotely. The attack requires a hig...
CVE-2025-9402
A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the file app/modules/ut-frame/admin/update.php of the component Config Handler. Performing manipulation of the argument UPDATEURL results in server-side request forgery. The attack is possible to be carri...
CVE-2025-9402
A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the file app/modules/ut-frame/admin/update.php of the component Config Handler. Performing manipulation of the argument UPDATEURL results in server-side request forgery. The attack is possible to be carri...
CVE-2025-9402 HuangDou UTCMS Config update.php server-side request forgery
A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the file app/modules/ut-frame/admin/update.php of the component Config Handler. Performing manipulation of the argument UPDATEURL results in server-side request forgery. The attack is possible to be carri...
CVE-2025-9401 HuangDou UTCMS Login login.php comparison
A vulnerability has been found in HuangDou UTCMS 9. This vulnerability affects unknown code of the file app/modules/ut-frame/admin/login.php of the component Login. Such manipulation of the argument code leads to incorrect comparison. The attack can be executed remotely. The attack requires a hig...
UTCMS 代码问题漏洞
UTCMS is a content management system built on the UT framework by the individual developer of usaltool. A code issue vulnerability exists in UTCMS version 9, which originates from a server-side request forgery of the UPDATEURL parameter in file app/modules/ut-frame/admin/update.php...
PT-2025-34583 · Unknown · Huangdou Utcms Version 9
Name of the Vulnerable Software and Affected Versions: HuangDou UTCMS version 9 Description: A server-side request forgery issue exists due to manipulation of the UPDATEURL argument within the app/modules/ut-frame/admin/update.php file of the Config Handler component. This allows for remote...
CVE-2024-9918
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/sql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2024-9917
A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects an unknown part of the file app/modules/ut-template/admin/templatecreat.php. The manipulation of the argument content leads to deserialization. It is possible to initiate the attack remotely. The explo...