Sql injection

SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle function in admin/content.php...

CVE-2020-20413

CVE-2020-20413 affects WUZHICMS v4.1.0. A SQL injection in the checktitle() function of admin/content.php enables a remote attacker to execute arbitrary code. The vulnerability is described across multiple security feeds as a high-severity issue (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). No...

CVE-2020-20413

SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle function in admin/content.php...

CVE-2017-11327

An issue was discovered in Tilde CMS 1.0.1. It is possible to retrieve sensitive data by using direct references. A low-privileged user can load PHP resources such as admin/content.php and admin/content.php?method=ftpupload...

Better WP Security 3.5.5 - inc/admin/content.php id_specialfile Parameter Stored XSS

The iThemes Security formerly Better WP Security WordPress plugin was affected by an inc/admin/content.php idspecialfile Parameter Stored XSS security vulnerability...

Cross site scripting

Cross-site scripting XSS vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Final, and possibly other versions before 1.2.4, allows remote attackers to inject arbitrary web script or HTML via the quicksearchContentContent parameter...