CVE-2025-12859

A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templetsoneedit.php. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used...

EUVD-2025-24938

Malicious code in bioql PyPI...

CVE-2025-8975

A vulnerability was identified in givanz Vvveb up to 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public a...

CVE-2025-8975

CVE-2025-8975 affects givanz Vvveb up to 1.0.5, where the slug parameter is mishandled in the file admin/template/content/edit.tpl, enabling cross-site scripting. The issue can be exploited remotely and the exploit has been disclosed publicly. A fix is available in version 1.0.6; patch hash: 84c1...

PT-2025-33404 · Unknown · Givanz Vvveb

Name of the Vulnerable Software and Affected Versions: givanz Vvveb versions up to 1.0.5 Description: A vulnerability was identified in givanz Vvveb up to version 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug leads to...

CVE-2024-8782

A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue affects the function delete of the file /admin/template/edit. The manipulation of the argument name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the publ...

PT-2024-39248 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS versions up to 1.0 Description: A critical issue affects the delete function of the file /admin/template/edit. The manipulation of the name argument leads to path traversal, allowing an attacker to delete arbitrary files. This issue...

Jpress 路径遍历漏洞

Jpress is a blogging platform developed by Jpress team using Java language. A path traversal vulnerability exists in Jpress version 5.1.1 and earlier versions, which stems from a path traversal vulnerability in /admin/template/edit...

PT-2024-38929 · Jpress · Jpress

Name of the Vulnerable Software and Affected Versions: jpress versions up to 5.1.1 Description: A critical vulnerability has been found in the Template Module Handler component of jpress, affecting an unknown functionality of the file /admin/template/edit. The manipulation leads to path traversal...

AyaCMS 安全漏洞

AyaCMS is an extremely simple and free open source PHP website builder. A security vulnerability exists in AyaCMS version v3.1.2, which stems from its /admin/tpledit.inc.php component that allows an attacker to achieve remote code execution...

CVE-2020-21431

HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit...

HongCMS 访问控制错误漏洞

HongCMS is an open source lightweight content management system CMS. An access control error vulnerability exists in HongCMS, which stems from the product's failure to add valid permission controls to the /admin/index.php/template/edit page. An attacker could cause arbitrary file reads and writes...

CVE-2020-10495

CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request...