File Inclusion Vulnerability in CmsTop Version v1.0.0.800

CmsTop Popular Edition mainly solves the needs of small and medium-sized local websites, information channels of industrial websites, as well as website publishing and management of online media, institutions, schools and enterprises. CmsTop version 1.0.0.800 has a local file inclusion...

Code Execution Vulnerability in DayinCMS Version 1.3

3D Printing Cloud Platform System DayinCMS A platform-level 3D printing platform system that allows for the rapid establishment of 3D printing service platforms. A code execution vulnerability exists in DayinCMS version 1.3, which can be exploited by an attacker to insert a sentence and obtain a...

File Upload Vulnerability in QYKCMS Version 4.3.2

QYKCMS is a lightweight intelligent website building system based on PHP+MySql developed by QYK. QYKCMS 4.3.2 version of the file upload vulnerability, the vulnerability stems from the server side did not filter the file content, the attacker can bypass the client-side detection of the direct...

File upload vulnerability in QYKCMS version 4.3.2 (CNVD-2018-05664)

QYKCMS is a lightweight intelligent website building system based on PHP+MySql developed by QYK. QYKCMS version 4.3.2 file upload vulnerability exists, the vulnerability stems from the content of the uploaded zip backup file is not filtered, the attacker can use the vulnerability to obtain webshe...

Code Execution Vulnerability in QYKCMS Version 4.3.2

QYKCMS is a lightweight intelligent website building system based on PHP+MySql developed by QYK. QYKCMS 4.3.2 version of the code execution vulnerability, the vulnerability stems from the modification of the configuration of the incoming parameters are not filtered, allowing attackers to exploit...

Arbitrary File Editing Vulnerability in Light CMS Version 1.7

Light CMS is an intelligent website building system built in PHP+MYSQL environment. Light CMS 1.7 version of the existence of arbitrary file editing vulnerability, the vulnerability stems from the file path to modify the file and to write the contents of the file are not filtered, the attacker ca...

File upload vulnerability in ask2 Q&A frontend

ask2 Q&A is an open source PHP Q&A program. A file upload vulnerability exists in the frontend of ask2 Q&A System. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

File Upload Vulnerability in QCMS Version 3.0.1

QCMS website management system is a PHP lightweight system developed through MVC architecture. A file upload vulnerability exists in QCMS version 3.0.1. An attacker can exploit the vulnerability to forge bypass the background login, upload webshell, and gain server privileges...

Arbitrary File Upload Vulnerability in Monxin v4.0

Monxin mall system is a mall management system based on PC mall + mobile mall + WeChat mall + offline cashier, members / orders / commodities / inventory online and offline real-time synchronization of data across the network. Monxin v4.0 suffers from an arbitrary file upload vulnerability, which...

File Upload Vulnerability in PESCMS TEAM v2.1.0

PESCMS TEAM is a task management system open-sourced under the GPLv2 license. A file upload vulnerability exists in PESCMS TEAM v2.1.0 due to the system failing to perform a security check on uploaded zip archive files. An attacker can exploit this vulnerability to upload a Trojan horse file to...

Code Execution Vulnerability in Coupon Pusher CMS v1.8

Push Couponer CMS is a PHP Taobao coupon website developed in PHP+MySQL. A code execution vulnerability exists in PushCoupon CMS v1.8, which is caused by the system failing to adequately filter the values of uninvited parameters and cached files. An attacker can exploit this vulnerability to uplo...

Code Execution Vulnerability in YIXUNCMS v2.0.4.91

YIXUNCMS is a convenient CMS management system developed by Yixun BS Software Studio specializing in website construction for small and medium-sized enterprises. A code execution vulnerability exists in YIXUNCMS v2.0.4.91, which is caused due to the system failing to filter content written to...

YIXUNCMS v2.0.4.91 has an arbitrary file write vulnerability

YIXUNCMS is a convenient CMS management system developed by Yixun BS Software Studio specializing in website construction for small and medium-sized enterprises. YIXUNCMS v2.0.4.91 suffers from an arbitrary file write vulnerability, which is caused by the system failing to strictly filter...

Command Execution Vulnerability in FineCMS Version 5.3.0 Site.php File

FineCMS Free, Enterprise, Public Benefit is an efficient and simple small and medium-sized content management system based on PHP+MySql+CI framework. A command execution vulnerability exists in the Site.php file of FineCMS version 5.3.0. The vulnerability is due to insufficient filtering of...

Arbitrary File Editing Vulnerability in BEESCMS Version v4.0

BEESCMS is an enterprise website management system based on PHP+Mysql architecture. BEESCMS v4.0 version of the existence of arbitrary file editing vulnerability, the vulnerability stems from the file path to modify the file and the content of the file to be written into the file are not filtered...

File Upload Vulnerability in yzncms v1.0.0

Yzncms aka Otaku CMS is a CMS content management system based on the latest TP5 framework. yzncms v1.0.0 version exists file upload vulnerability, attackers can directly upload php files to get the website webshell...

Arbitrary File Editing Vulnerability in bagecms v3.1.3 Version

BageCms is a multi-functional open source web content management system based on php5+mysql5 development. bagecms v3.1.3 version of the existence of arbitrary file editing vulnerability, the vulnerability stems from the file path to modify the file and to write the contents of the file are not...

Code Execution Vulnerability in xyhcms v3.5

Xing Yunhai CMS XYHcms is a completely open source CMS content management system. xyhcms v3.5 version of the code execution vulnerabilities , attackers can exploit the vulnerability to insert a sentence Trojan horse to obtain the website webshell...

Code Execution Vulnerability in Ecmos v0.014

Ecmos is a deeply customized system based on ecmall, which is a mall shopping system developed by php+mysql. A code execution vulnerability exists in Ecmos v0.014, when the pendant management for script editing, the system fails to effectively filter the input file content and path parameters. An...

Code Execution Vulnerability in CwCms v1.8

CwCMS is a customized ASP+Access/MsSql content management system specifically designed for corporate websites. A code execution vulnerability exists in CwCms v1.8, which is due to the system failing to effectively filter input parameters. An attacker can exploit this vulnerability to upload a...