7 matches found
CVE-2026-34382
Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently...
CVE-2022-29666
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan...
CVE-2022-29676
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan...
Sql injection
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan...
CVE-2022-29666
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan...
CSCMS Music Portal System SQL注入漏洞
CSCMS Music Portal System is a diversified content management system from China Chongsheng Network Technology CSCMS, Inc. A SQL injection vulnerability exists in CSCMS Music Portal System, which originates from the missing id parameter in /admin.php/pic/admin/lists/zhuan validation of external...
CSCMS Music Portal System SQL注入漏洞
CSCMS Music Portal System is a diversified content management system from China Chongsheng Network Technology CSCMS, Inc. A SQL injection vulnerability exists in CSCMS Music Portal System, which originates from the missing id parameter in /admin.php/news/admin/lists/zhuan validation of external...