6 matches found
DedeBIZ SQL注入漏洞
DedeBIZ is a content management system from China Muyun Intelligence DedeBIZ company. A SQL injection vulnerability exists in DedeBIZ 6.3.2 and earlier versions, which stems from incorrect manipulation of the parameter flags in the file /admin/archivesadd.php, which could lead to a SQL injection...
PT-2025-45592
A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archives add.php. Such manipulation of the argument flags leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may ...
Dreamer CMS Cross-Site Request Forgery Vulnerability (CNVD-2023-9571566)
Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A cross-site request forgery vulnerability exists in Dreamer CMS version v4.1.3, which originates from a failure to adequately validate whether a request is from a trusted user in the component...
CVE-2023-48914
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/archives/add...
Dreamer CMS 跨站请求伪造漏洞
Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A cross-site request forgery vulnerability exists in Dreamer CMS version v4.1.3, which originates from a failure to adequately validate whether a request is from a trusted user in the component...
CVE-2023-48914
Affected software: Dreamer CMS v4.1.3. Vulnerability: Cross-Site Request Forgery (CSRF) in the /admin/archives/add component. The root cause is insufficient validation of whether a request originates from a trusted user, enabling an attacker to forge a malicious request that tricks a victim into ...