CVE-2022-37111

BlueCMS 1.6 has SQL injection in line 132 of admin/article.php...

CVE-2023-4447

A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. This vulnerability affects unknown code of the file admin/article-chat.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

EUVD-2025-29163

Malicious code in bioql PyPI...

EUVD-2022-39764

Malicious code in bioql PyPI...

CVE-2025-10434

A vulnerability was identified in IbuyuCMS up to 2.6.3. Impacted is an unknown function of the file /admin/article.php?a=mod of the component Add Article Page. The manipulation of the argument Title leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is...

CVE-2025-10434

IbuyuCMS up to version 2.6.3 is affected by a cross-site scripting (XSS) vulnerability in the Add Article Page component, specifically via manipulation of the Title argument in /admin/article.php?a=mod. The issue enables remote exploitation and an exploit is publicly available. Remediation: upgra...

CVE-2025-10434 IbuyuCMS Add Article article.php cross site scripting

A vulnerability was identified in IbuyuCMS up to 2.6.3. Impacted is an unknown function of the file /admin/article.php?a=mod of the component Add Article Page. The manipulation of the argument Title leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is...

IbuyuCMS 代码注入漏洞

IbuyuCMS is a content management system of IbuyuCMS open source. A code injection vulnerability exists in IbuyuCMS 2.6.3 and earlier versions, which stems from incorrect manipulation of the parameter Title in the file /admin/article.php, and may lead to cross-site scripting attacks...

emlog 代码注入漏洞

emlog is emlog open source PHP and MySQL based on a set of CMS site building system . emlog 2.5.7 and previous versions of the code injection vulnerability , the vulnerability stems from the file /admin/article.php parameter activepost in the wrong operation leads to cross-site scripting...

CVE-2023-41619

Emlog Pro v2.1.14 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/article.php?action=write...

CVE-2023-30205

A stored cross-site scripting XSS vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the uniqueid parameter in /admin/article.php...

emlog SQL注入漏洞

emlog is emlog open source PHP and MySQL based on a set of CMS website builder . emlog 2.5.9 and previous versions exist SQL injection vulnerability , the vulnerability stems from admin/articlesave.php in the $origContent parameter is not strictly filtered , which may lead to SQL injection and...

CVE-2025-3963

A vulnerability, which was classified as critical, has been found in withstars Books-Management-System 1.0. This issue affects some unknown processing of the file /admin/article/list of the component Background Interface. The manipulation leads to missing authorization. The attack may be initiate...

Books-Management-System 代码注入漏洞

Books-Management-System is a book management system by withstars individual developers. A code injection vulnerability exists in Books-Management-System version 1.0, which originates from cross-site scripting due to a misbehavior of the Title parameter in the file /admin/article/add/do...

Books-Management-System 安全漏洞

Books-Management-System is a book management system by withstars individual developers. A security vulnerability exists in Books-Management-System version 1.0, which stems from an incorrect operation of the file /admin/article/list resulting in a missing authorization...

emlog 安全漏洞

emlog is a PHP and MySQL based CMS website builder for emlog personal developers. A security vulnerability exists in emlog Pro v2.5.4, which originates from the /admin/article.php file and is susceptible to cross-site scripting attacks...

CVE-2024-57599

Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute arbitrary code via a crafted payload injected into the description parameter in /admin/article.php...

DouCo DouPHP 安全漏洞

DouCo DouPHP is a lightweight enterprise content management system CMS from China DouCo. A security vulnerability exists in DouCo DouPHP v.1.8, which originates from an arbitrary code execution vulnerability in the description parameter of the /admin/article.php page...

emlog 代码注入漏洞

emlog is a PHP and MySQL based CMS builder. A cross-site scripting vulnerability exists in the emlog /admin/article.php processing IMAGE, which can be exploited by remote attackers to inject malicious script or HTML code that can be used to obtain sensitive information or hijack user sessions whe...

PT-2025-2018 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro versions up to 2.4.3 Description: A problematic vulnerability was found in Emlog Pro, affecting an unknown section of the file /admin/article.php of the component Subpage Handler. The manipulation leads to cross site scripting. The...