147 matches found
CVE-2024-35558
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/cadeal.php?mudi=rev&nohrefStr=close...
CVE-2024-35555
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/shareswitch.php?mudi=switch&dataType=newsWeb&fieldName=state&fieldName2=state&tabName=infoWeb&dataID=40...
CVE-2024-35554
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoWebdeal.php?mudi=del&dataType=newsWeb&dataTypeCN...
CVE-2024-35554
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoWebdeal.php?mudi=del&dataType=newsWeb&dataTypeCN...
CVE-2024-35553
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoMovedeal.php?mudi=add&nohrefStr=close...
CVE-2024-35551
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoWebdeal.php?mudi=add...
CVE-2024-35550
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoWebdeal.php?mudi=rev...
PT-2024-26538 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the component /admin/infoMove deal.php with parameters mudi=del, dataType=logo, and dataTypeCN. This allows for unauthorized actions to be performed...
CVE-2024-35108
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/homeProdeal.php?mudi=del&dataType=&dataTypeCN...
PT-2024-26320 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/admin/homePro deal.php" with parameters mudi, dataType, and dataTypeCN. This issue allows for unauthorized requests. Recommendations: F...
CVE-2024-35012
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoTypedeal.php?mudi=add&nohrefStr=close...
CVE-2024-35012
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoTypedeal.php?mudi=add&nohrefStr=close...
Computer Laboratory Management System 安全漏洞
Computer Laboratory Management System is a computer laboratory management system. A security vulnerability exists in Computer Laboratory Management System v1.0, which originates from a SQL injection vulnerability in the parameter id of the component /admin/...
PT-2024-19620 · Bosscms · Bosscms
Name of the Vulnerable Software and Affected Versions: BossCMS version 1.3.0 Description: The issue allows a local attacker to execute arbitrary code and escalate privileges. This is achieved via the init function in the admin.class.php component. Recommendations: For BossCMS version 1.3.0,...
The vulnerability of the Setup sub-component, part of the Admin component in Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, allows an attacker to gain access to read, modify, add, or delete data.
The vulnerability of the Setup sub-component and the Admin component of Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating...
CVE-2023-41619
Emlog Pro v2.1.14 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/article.php?action=write...
CVE-2023-50017
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/database/backup...
XunRuiCMS Security Vulnerability
XunRuiCloud Software Development XunRuiCMS XunRuiCMS is an open source content management system CMS from China's XunRuiCloud Software Development Company. A security vulnerability exists in XunRuiCMS version v4.5.5, which was discovered to contain a Reflected Cross-Site Scripting XSS vulnerabili...
CVE-2023-41597
EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /admin/twitter.php?activet...
CVE-2023-48060
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/task/add...