43 matches found
EUVD-2020-23976
Malware in sbrugna...
CVE-2020-36492
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component selectmedia.php via the activepath, keyword, tag, fmdo=x, CKEditor and CKEditorFuncNum parameters...
CVE-2020-36491
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component tagsmain.php via the activepath, keyword, tag, fmdo=x, CKEditor and CKEditorFuncNum parameters...
CVE-2024-11210
A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the argument activepath leads to path traversal. The attack may be initiated remotely. The exploit has...
PT-2024-16828 · Eyoucms · Eyoucms
Name of the Vulnerable Software and Affected Versions: EyouCMS version 1.51 Description: A critical issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the argument activepath leads to path traversal. The attack may be initiated...
CVE-2024-42636
DedeCMS V5.7.115 has a command execution vulnerability via filemanageview.php?fmdo=newfile&activepath...
CVE-2023-43234
DedeBIZ v6.2.11 was discovered to contain multiple remote code execution RCE vulnerabilities at /admin/filemanagecontrol.php via the $activepath and $filename parameters...
CVE-2023-43234
DedeBIZ v6.2.11 was discovered to contain multiple remote code execution RCE vulnerabilities at /admin/filemanagecontrol.php via the $activepath and $filename parameters...
PT-2023-28740 · Dedebiz · Dedebiz
Name of the Vulnerable Software and Affected Versions: DedeBIZ version 6.2.11 Description: The issue concerns multiple remote code execution RCE vulnerabilities. These vulnerabilities are located at the "/admin/file manage control.php" API endpoint via the $activepath and $filename parameters...
CVE-2023-5022
A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /include/dialog/selecttempletspost.php. The manipulation of the argument activepath leads to absolute path traversal. The associated identifie...
Desdev DedeCMS Security Breach
Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has content publishing, content management, content editing and content retrieval functions. A security vulnerability exists in...
PT-2023-31501 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS versions up to 5.7.100 Description: A critical issue has been found in DedeCMS, affecting an unknown functionality of the file /include/dialog/select templets post.php. The manipulation of the activepath argument leads to absolute pat...
CVE-2022-45539
EyouCMS = 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file...
Cross site scripting
EyouCMS = 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file...
CVE-2022-45539
EyouCMS = 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file...
EyouCMS 跨站脚本漏洞
Zanzan Network Technology EyouCms Eyou CMS is an open source content management system CMS based on ThinkPHP by China Zanzan Network Technology Company. A cross-site scripting vulnerability exists in EyouCMS version 1.6.0 and earlier versions, which originates from the activepath GET parameter of...
DedeCMS Cross-Site Scripting Vulnerability (CNVD-2021-81101)
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...
DedeCMS Cross-Site Scripting Vulnerability (CNVD-2021-81102)
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via activepath, keyword, tag,...
DedeCMS Cross-Site Scripting Vulnerability (CNVD-2021-81099)
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via activepath, keyword, tag,...
DedeCMS Cross-Site Scripting Vulnerability (CNVD-2021-81097)
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...