38 matches found
PT-2025-52614
Name of the Vulnerable Software and Affected Versions SeaCMS versions up to 13.3 Description A SQL injection issue exists in SeaCMS. The issue is located in the admin video.php file, specifically through manipulation of the e id argument within an unknown function. This allows for remote...
EUVD-2010-2467
Malware in sbrugna...
EUVD-2024-41071
Malicious code in bioql PyPI...
FoxCMS 注入漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS. FoxCMS 1.2.5 and previous versions exist injection vulnerability, the vulnerability stems from the file app/admin/controller/Video.php in the parameter ids of the wrong operation leads to SQL injection...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting XSS via admin-video.php...
CVE-2023-50470
A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
SeaCMS cross-site scripting vulnerability (CNVD-2024-39583)
SeaCMS is a free, open source web content management system written in PHP by SeaCMS. The system has been designed primarily to manage video-on-demand resources. A cross-site scripting vulnerability exists in SeaCMS version v13, which originates from a cross-site scripting vulnerability contained...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting XSS via admin-video.php...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting XSS via admin-video.php...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting XSS via admin-video.php...
PT-2024-31210 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: Seacms version 13 Description: The issue is related to Cross Site Scripting XSS via the admin-video.php endpoint. This allows for potential malicious script execution. No information is provided about the estimated number of potentially...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting (XSS) via admin-video.php. The CVE entry documents an XSS in SeaCMS v13 (admin-video.php) with a CVSS v3.1 base score 6.1 (MEDIUM). Exploitation details are not fully disclosed in the provided materials; CVSS suggests network access with user inter...
CVE-2024-0482
A vulnerability classified as critical has been found in Taokeyun up to 1.0.5. This affects the function index of the file application/index/controller/app/Video.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate...
CVE-2024-0482 Taokeyun HTTP POST Request Video.php index sql injection
A vulnerability classified as critical has been found in Taokeyun up to 1.0.5. This affects the function index of the file application/index/controller/app/Video.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate...
CVE-2024-0482
Summary of findings (CVE-2024-0482): Taokeyun up to 1.0.5 is affected by a vulnerability in the HTTP POST Request Handler, specifically the function index within Video.php. The issue arises from manipulating the parameter cid , leading to an SQL injection. The vulnerability is exploitable remotel...
PT-2024-15599 · Taokeyun · Taokeyun
Name of the Vulnerable Software and Affected Versions: Taokeyun versions up to 1.0.5 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically affecting the function index of the file application/index/controller/app/Video.php. The manipulation of the c...
CVE-2023-50470
A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-50470
A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-50470
Summary of CVE-2023-50470 : Multiple sources document a cross-site scripting (XSS) vulnerability in SeaCMS v12.8 affecting the component described as admin_Video.php or admin_ Video.php, allowing an attacker to inject arbitrary web scripts/HTML via a crafted payload. The issue stems from insuffic...
CVE-2022-2633
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and blind server-side request forgery via the 'dl' parameter found in the /public/video.php file in versions up to, and including 2.6.0. This makes it possible for unauthenticated users to download sensiti...