CVE-2025-15394

A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...

CVE-2025-15394 iCMS POST Parameter ConfigAdmincp.php save code injection

A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...

EUVD-2020-17815

Malware in sbrugna...

EUVD-2020-17807

Malware in sbrugna...

EUVD-2020-17806

Malware in sbrugna...

EUVD-2020-17811

Malware in sbrugna...

EUVD-2020-17808

Malware in sbrugna...

EUVD-2020-17814

Malware in sbrugna...

EUVD-2020-17810

Malware in sbrugna...

EUVD-2006-4694

Malware in sbrugna...

EUVD-2021-28866

Malicious code in bioql PyPI...

EUVD-2022-48720

Malicious code in bioql PyPI...

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment via the installation process of the Import Page component in /admin-cp/imports. An attacker can gain unauthorized access to restricted actions or data by exploiting incorrect privilege assignments during...

juzaweb CMS 安全漏洞

Juzaweb CMS is a content management system developed by Juzaweb Individual Developers based on the Laravel framework and Web platform. A security vulnerability exists in juzaweb CMS version 3.4.2, which stems from improper authorization due to misuse of the file /admin-cp/imports...

juzaweb CMS 安全漏洞

Juzaweb CMS is a content management system developed by Juzaweb Individual Developers based on the Laravel framework and Web platform. A security vulnerability exists in juzaweb CMS version 3.4.2, which stems from improper authorization due to misuse of the file /admin-cp/theme/install...

Juzaweb CMS 代码注入漏洞

Juzaweb CMS is a content management system based on Laravel framework and Web platform developed by Juzaweb individual developers. A code injection vulnerability exists in Juzaweb CMS 3.4.2 and earlier versions, which originates from a cross-site scripting attack on the parameter Upload in the fi...

Juzaweb CMS 安全漏洞

Juzaweb CMS is a content management system developed by Juzaweb Individual Developer based on the Laravel framework and Web platform. A security vulnerability exists in Juzaweb CMS 3.4.2 and earlier versions that stems from improper access control in the file /admin-cp/media...

Juzaweb CMS 安全漏洞

Juzaweb CMS is a content management system developed by Juzaweb Individual Developer based on the Laravel framework and Web platform. A security vulnerability exists in juzaweb CMS 3.4.2 and earlier versions, which stems from improper access control in the file /admin-cp/theme/editor/default...

CVE-2020-25116

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...

CVE-2020-25123

The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager...