14 matches found
CVE-2026-7578
MacCMS Pro
EUVD-2026-26495
A weakness has been identified in MacCMS Pro up to 2022.1.3. This vulnerability affects the function install of the file /admi.php/admin/addon/add.html of the component Plugin Installation Handler. Executing a manipulation can lead to unrestricted upload. The attack may be performed from remote...
CVE-2023-1565
A vulnerability was found in FeiFeiCMS 2.7.130201. It has been classified as problematic. This affects an unknown part of the file \Public\system\slideadd.html of the component Extension Tool. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The...
PT-2023-17081 · Feifeicms · Feifeicms
Name of the Vulnerable Software and Affected Versions: FeiFeiCMS version 2.7.130201 Description: A vulnerability was found in the Extension Tool component, specifically affecting the file Publicsystemslide add.html. This issue leads to cross-site scripting and can be initiated remotely. The explo...
YzmCMS 跨站脚本漏洞
YzmCMS is a lightweight open source content management system based on PHP Mysql architecture developed solely by Yuan Zhimeng. cross-site scripting vulnerability exists in the /banner/add.html component of YzmCMS version 5.3. An attacker can exploit this vulnerability to execute arbitrary Web...
Yzmcms 跨站脚本漏洞
YzmCMS is a lightweight open source content management system based on PHP Mysql architecture developed solely by Yuan Zhimeng. cross-site scripting vulnerability exists in the /link/add.html component of YzmCMS version 5.3. An attacker can use this vulnerability to execute arbitrary Web scripts ...
YzmCMS YzmCMS 跨站请求伪造漏洞
YzmCMS is a lightweight open source content management system based on PHP+Mysql architecture developed by Yuan Zhimeng alone. YzmCMS 5.8 version of the existence of cross-site request forgery vulnerability, the attacker can be member/member/add.html through the use of this vulnerability to add...
CVE-2019-11451
whatsns 4.0 allows index.php?inform/add.html qid SQL injection...
CVE-2018-18317
DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI...
DSCMS Cross-Site Request Forgery Vulnerability
DESHANG DSCMS is a set of PHP and MySQL based CMS enterprise website building system of China Deshang DESHANG Network Technology Company. A cross-site request forgery vulnerability exists in DESHANG DSCMS version 1.1. A remote attacker can exploit this vulnerability to perform unauthorized...
Accellion FTA Device Cross-Site Scripting Vulnerability (CNVD-2017-07450)
Accellion FTA devices is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. A cross-site scripting vulnerability exists in home/seos/courier/smtpgadd.html in Accellion FTA devices versions prior to FTA912180....
CVE-2017-8792
An issue was discovered on Accellion FTA devices before FTA912180. There is XSS in home/seos/courier/useradd.html with the param parameter...
CVE-2017-8795
An issue was discovered on Accellion FTA devices before FTA912180. There is XSS in home/seos/courier/smtpgadd.html with the param parameter...
CVE-2010-4992
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html...