28 matches found
PT-2024-37725
Name of the Vulnerable Software and Affected Versions Campaign Monitor for WordPress plugin for WordPress versions up to, and including, 2.8.15 Description The issue is due to the plugin not properly restricting direct access to "/forms/views/admin/create.php" and display errors being enabled. Th...
Tourism Management System 安全漏洞
Tourism Management System is an American website builder for tourism management. A security vulnerability exists in Phpgurukul Tourism Management System version v2.0, which originates from a file upload vulnerability in tms/admin/create-package.php...
CVE-2020-28136
An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page...
SourceCodester Tourism Management System 代码问题漏洞
SourceCodester Tourism Management System is a website builder for tourism management from SourceCodester. SourceCodester Tourism Management System has an arbitrary file upload vulnerability that can be exploited for remote code execution via the admin create-package.php vulnerability page...
CVE-2018-15206
BPC SmartVista 2 has CSRF via SVFE2/pages/admpages/roles/createrole.jsf...
BageCMS Cross-Site Request Forgery Vulnerability
BageCMS is a cross-platform content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in the index.php?r=admini/admin/create URL in BageCMS version 3.1.3. A remote attacker can exploit the vulnerability to add a backend administrator account...
CVE-2018-14582
index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account...
CVE-2018-14582
index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account...