4 matches found
CVE-2022-24608
Luocms v2.0 is affected by Cross Site Scripting XSS in /admin/news/sortadd.php and /inc/function.php...
CVE-2022-24606
Luocms v2.0 is affected by SQL Injection in /admin/news/sortok.php...
Luocms SQL注入漏洞
Luocms is an article management system. A SQL injection vulnerability exists in Luocms v2.0, which stems from a lack of validation of external input SQL statements in /admin/news/sortmod.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data...
Luocms 跨站脚本漏洞
Luocms is an article management system. A cross-site scripting vulnerability exists in Luocms v2.0, which stems from a lack of data validation filtering of user-supplied data and output in /admin/news/sortadd.php and /inc/function.php. An attacker could use this vulnerability to execute JavaScrip...