37 matches found
CVE-2023-46952
Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header...
Cross site scripting
Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header...
CVE-2023-48858
A Cross-site scripting XSS vulnerability in login page php code in Armex ABO.CMS 5.9 allows remote attackers to inject arbitrary web script or HTML via the login.php? URL part...
CVE-2023-46952
ABO.CMS v5.9.3 is affected by a Cross-Site Scripting vulnerability that allows an attacker to execute arbitrary code via a crafted payload in the Referer header. Affected component: ABO.CMS web application (version 5.9.3). Root cause: input in the Referer header is not properly sanitized, enablin...
CVE-2023-46952
Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header...
CVE-2023-46952
Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header...
CVE-2023-48858
A Cross-site scripting XSS vulnerability in login page php code in Armex ABO.CMS 5.9 allows remote attackers to inject arbitrary web script or HTML via the login.php? URL part...
CVE-2023-48858
The CVE-2023-48858 issue is a Cross-site Scripting (XSS) vulnerability in ABO.CMS 5.9, specifically in login.php, allowing remote attackers to inject arbitrary script via the login.php? URL. Connected sources confirm affected product ABO.CMS 5.9 and login-page code as the root cause; exploitation...
The vulnerability of the Documents module in the ABO.CMS system allows a perpetrator to execute arbitrary code.
The vulnerability of the Documents module in the ABO.CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2023-46953
SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...
Sql injection
SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...
CVE-2023-46953
SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...
CVE-2023-46953
SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...
CVE-2023-46953
CVE-2023-46953 : A SQL Injection in ABO.CMS v5.9.3 affects the Documents module via the d parameter, due to unprotected SQL query construction. This allows remote attackers to execute arbitrary code. Public documents indicate exploitation in the ABO.CMS context and describe a potential workaround...
ABO.CMS Security Vulnerabilities
ABO.CMS is a content management platform. A security vulnerability exists in ABO.CMS. An attacker exploited the vulnerability to perform a SQL injection attack...
PT-2023-8180 · Abo.Cms · Abo.Cms
Name of the Vulnerable Software and Affected Versions: ABO.CMS version 5.9.3 Description: The issue is related to a SQL Injection vulnerability in the Documents module of ABO.CMS, which allows remote attackers to execute arbitrary code via the d parameter. This vulnerability is due to the lack of...
ABO.CMS Multiple Vulnerabilities
---------------------------------------------------------------------- PT-2009-17 Positive Technologies Security Advisory ABO.CMS Multiple Vulnerabilities ---------------------------------------------------------------------- --- Affected Software ABO.CMS Versions prior to 5.1 Product Link:...