42 matches found
CVE-2024-2016
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launch the attack remotely. The exploit has been...
EUVD-2024-26986
Malicious code in bioql PyPI...
EUVD-2024-26985
Malicious code in bioql PyPI...
EUVD-2024-16396
Malicious code in bioql PyPI...
CVE-2024-2015
A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2024-0603
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an unknown part of the file app/plug/controller/giftcontroller.php. The manipulation of the argument mylike leads to deserialization. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-2015
A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2024-2016
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2016
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2015
A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The exploit has been...
ZhiCms SQL注入漏洞
ZhiCms is a professional worth-buying system of ZhiCms community. ZhiCms version 4.0 has a SQL injection vulnerability that stems from the parameter key of the file app/index/controller/mcontroller.php that causes SQL injection...
ZhiCms 安全漏洞
ZhiCms is a professional buy-worthy system for the ZhiCms community. ZhiCms version 4.0 has a security vulnerability that stems from the parameter sitename in the file app/manage/controller/setcontroller.php that causes code injection...
CVE-2024-2016 ZhiCms setcontroller.php index code injection
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2016 ZhiCms setcontroller.php index code injection
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2016
CVE-2024-2016 affects ZhiCms 4.0; the vulnerability is in the index function of app/manage/controller/setcontroller.php where manipulating the sitename argument leads to code injection. It is exploitable remotely, and the exploit has been publicly disclosed (VDB-255270). No official patched versi...
CVE-2024-2015 ZhiCms mcontroller.php getindexdata sql injection
A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2024-2015
The CVE-2024-2015 entry concerns ZhiCms 4.0. The vulnerability is in the getindexdata function of app/index/controller/mcontroller.php, where manipulation of the key argument enables SQL injection. Exploitation can be performed remotely, and public disclosures exist (VDB-255269). Some connected s...
CVE-2024-2015 ZhiCms mcontroller.php getindexdata sql injection
A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The exploit has been...
PT-2024-18628 · Zhicms · Zhicms
Name of the Vulnerable Software and Affected Versions: ZhiCms version 4.0 Description: A critical vulnerability was found in the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launch the atta...
PT-2024-18627 · Zhicms · Zhicms
Name of the Vulnerable Software and Affected Versions: ZhiCms version 4.0 Description: A critical issue has been found in ZhiCms, affecting the getindexdata function of the file app/index/controller/mcontroller.php. The manipulation of the key argument leads to SQL injection. The attack may be...