GHSA-QC43-PGWQ-3Q2Q Shopware access control list bypassed via crafted specific URLs
Impact: If backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions they are normally not permitted to perform. Patches: We recommend updating to the current version 5.7.15. You can get the update to 5.7.15 regularly via the Auto-Updater or...
CVE-2022-26630
Jellycms v3.8.1 and below was discovered to contain an arbitrary file upload vulnerability via \app.\admin\Controllers\db.php...
XpressEngine Cross-Site Scripting Vulnerability
XpressEngine XE is a CMS Content Management System that allows anyone to publish content easily, conveniently and freely. With an open source license, anyone can use or modify it, and as an open project, anyone can participate in its development. XE suffers from a security vulnerability that stem...
CVE-2020-20605
Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component...
xujinliang zibbs Cross-Site Scripting Vulnerability
zibbs is a lightweight PHP forum system built on Bootstrap. zibbs version 1.0 has a cross-site scripting vulnerability in application/controllers/AdminController.php. An attacker can exploit this vulnerability to execute arbitrary code via the bbsmeta parameter...
GravCMS 1.10.7 - Unauthenticated Arbitrary File Write (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule ... 'GravCMS Remote Command Execution', 'Description' => %q{ This module exploits an arbitrary config write/update vulnerability to achieve remote code...
SQL Injection
In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php, the 'table' parameter is not filtered, so a malicious value can be passed to perform SQL injection...
CVE-2019-10684
Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit sitedomain parameter...
CVE-2019-5310
YUNUCMS 1.1.8 is affected by a cross-site scripting vulnerability in app/admin/controller/System.php. The issue allows crafted data to be written to the sys.php file, demonstrated by using site_title in an admin/system/basic POST request. This represents an XSS risk as described across multiple s...
SDCMS Directory Traversal Vulnerability
SDCMS is a PHP and MySQL based enterprise website-building content management system (CMS) from China Fireworks Network Technology Company. A directory traversal vulnerability exists in the app/plug/attachment/controller/admincontroller.php page in SDCMS version 1.6. The vulnerability can be...
SQL Injection
apps\admin\controller\content\SingleController.php in PbootCMS before V1.3.0 build 2018-11-12 has SQL Injection, as demonstrated by the POST data to the admin.php/Single/mod/mcode/1/id/3 URI...
SQL Injection Vulnerability in Uc365 Website Category Navigation System
Yuko 365 website classification navigation system is an open source navigation management system developed on PHP + MySQL. The Uke365 website navigation system v1.1.3 has a SQL injection vulnerability in the app/admin/controller/ar.php page; the vulnerability stems from the system failing ...
SDcms Cross-Site Request Forgery Vulnerability
SDcms is a PHP and MySQL based enterprise website-building content management system (CMS) by China Smoke & Fire Network Technology. A cross-site request forgery vulnerability exists in the /WWW//app/admin/controller/admincontroller.php file in SDcms version 1.5. A remote attacker can exploit this...
ruibaby Halo Stored Cross-Site Scripting Vulnerability
ruibaby Halo is a Java-based blogging system. A stored cross-site scripting vulnerability exists in ruibaby Halo 0.0.2. An attacker can exploit this vulnerability by using the loginName and loginPwd parameters of AdminController.java to conduct a cross-site scripting attack...
Yxcms Cross-Site Request Forgery Vulnerability
Yxcms is an efficient, flexible, practical and free enterprise website-building system based on PHP and MySQL. YXcms 1.4.7 has a cross-site request forgery vulnerability in protected/apps/admin/controller/adminController.php. A remote attacker can exploit this vulnerability by deleting the...
CVE-2015-4628
SQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey before 2.06+ Build 150618 allows remote authenticated administrators to execute arbitrary SQL commands via the sid parameter...
OpenCart 1.5.6.1 - openbay Multiple SQL Injections
OpenCart 1.5.6.1 - openbay Multiple SQL Injections Exploit Title : OpenCart log('getEbayItemId - Product ID: '.$productid); $qry = $this->db->query("SELECT ebayitemid FROM " . DB_PREFIX . "ebaylisting WHERE productid = '".$productid."' AND status = '1' LIMIT 1"); .............. Function is called on man...
Santilga CMS 1.2.6.3 Cross Site Request Forgery / SQL Injection
============================= Vulnerable software: Santilga CMS version 1.2.6.3 $ head -n 10 Admin.php|less $this->view->templateName = "admin"; parent::__construct(); $this->lang = SantilgaLanguage::getInstance()->getLanguage(); $this->view->lang = $this->lang; $this->view->showUploadForm = false; public function...
CVE-2007-6686
The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller...
Design/Logic Flaw
The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller...