74 matches found
CVE-2019-5310
YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by sitetitle in an admin/system/basic POST request...
DouCo DouPHP Cross-Site Scripting Vulnerability (CNVD-2019-00996)
DouCo DouPHP is a lightweight open source CMS Content Management System based on PHP and MySQL. A cross-site scripting vulnerability exists in admin/system.php?rec=update in DouCo DouPHP version 1.5 20181221. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
CVE-2018-18720
An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS 1.1.5...
Cross site scripting
An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS 1.1.5...
YUNUCMS cross-site scripting vulnerability (CNVD-2018-23272)
YUNUCMS is an open source content management system described as a three-network, self-substation system. YUNUCMS 1.1.5 has a cross-site scripting vulnerability in index.php/admin/system/basic; attackers can exploit the vulnerability to carry out cross-site attacks...
CVE-2018-17044
In YzmCMS 5.1, stored XSS exists via the admin/systemmanage/userconfigadd.html title parameter...
Dredge School Administration System 1.0 SQL Injection / XSS / CSRF
Dredge School Administration System V1.0 - Multiple Vulnerabilities. Author: AtT4CKxT3rR0r1ST. Contact: [email protected] , [email protected]. Home: http://www.iphobos.com/blog/ Script:...
kingcms 5.0/5.1 vulnerability - the vulnerability warning - the black bar safety net
To 1. kingcms 5.0 fckeditor the default path in the admin/system/editor/FCKeditor/editor/fckeditor.Html The local horse named for the hx. asp;jpg watch jpg the front there is no point.. OK..actually later do stations combined fckeditor this editor..plus the best verification..only management can...
CVE-2009-1615
Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via an admin.system.files aka Manage Files request to the default URI, then accessing the file via a direct request...
Unrestricted file upload
Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via an admin.system.files aka Manage Files request to the default URI, then accessing the file via a direct request...
Debian Security Advisory DSA 143-1 (krb5)
The remote host is missing an update to krb5 announced via advisory DSA 143-1. OpenVAS Vulnerability Test $Id: deb1431.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 143-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Novus 1.0 (notas.asp nota_id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Novus 1.0 notas.asp notaid Remote SQL Injection Vulnerability. Novus - Administration and content system...
exophpdesk_advisory.txt
Title: ExoPHPDesk Multiple Remote Vulnerabilities. Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 15/11/2005 Severity: High. Remote Users...
kali.txt
There are some bugs in kali's tagboard: you can access the admin system without a password, and you can insert iframes, scripts... But the main vulnerability is in the IP ban: you can put this script: " " and execute commands on the server with this url: Example:...