612 matches found
PT-2026-36832
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
PT-2026-34814
Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to version 4.4.1, any authenticated user can manually construct a URL to preview campaigns/regions, and export saved reports belonging to other users. Exploitation of th...
EUVD-2026-4863
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...
CVE-2025-15169
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availabl...
EUVD-2023-60189
WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests...
EUVD-2025-202933
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP module with embedded PHP reverse shell code to gain remote system access when the module is installed...
EUVD-2024-55315
WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the Elfinder file manager. Attackers can exploit the file upload functionality in the elfinder connector to upload a web shell and execute arbitrary syst...
PT-2025-50767
Name of the Vulnerable Software and Affected Versions WBCE CMS versions prior to 1.6.3 WBCE CMS version 1.6.3 Description WBCE CMS versions 1.6.3 and earlier have a flaw that permits administrators to execute code remotely by uploading malicious modules. An attacker can create a ZIP module...
PT-2025-49779
WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword to create passwords using PHP's rand. rand is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege...
EUVD-2025-199924
A security flaw has been discovered in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. This affects the function check/uncheck/delete of the file application/Comment/Controller/CommentadminController.class.php of the component CommentadminController. The manipulation of the argument...
EUVD-2025-199916
A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the function delete of the file application/Admin/Controller/SlideController.class.php of the component SlideController. The manipulation of the argument ids leads to sql...
CVE-2025-13782 taosir WTCMS SlideController SlideController.class.php delete sql injection
A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the function delete of the file application/Admin/Controller/SlideController.class.php of the component SlideController. The manipulation of the argument ids leads to sql...
EUVD-2021-0598
Malware in sbrugna...
EUVD-2005-4359
Malware in sbrugna...
EUVD-2008-6076
Malware in sbrugna...
EUVD-2021-0722
Malware in sbrugna...
EUVD-2005-2489
Malware in sbrugna...
EUVD-2005-2490
Malware in sbrugna...
EUVD-2012-3738
Malware in sbrugna...
EUVD-2010-0388
Malware in sbrugna...