CVE-2020-36932

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded...

CVE-2021-33827

The filesantivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings...

CVE-2023-4160 WooCommerce PDF Invoice Builder <= 1.2.90 - Authenticated (Administrator+) Cross-Site Scripting

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.2.90 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-leve...

CVE-2021-33827

The filesantivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings...

CVE-2021-33827

The filesantivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings...

CVE-2021-33827

The filesantivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings...

Command injection

The filesantivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings...

CVE-2021-33827

The filesantivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings...

The vulnerability of the PHP-Fusion CMS system, which exists due to the lack of measures taken to protect the structure of web pages, allows attackers to execute arbitrary code.

The vulnerability in the /administration/settingsregistration.php function of the PHP-Fusion CMS system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely by using a specially created...

PHP-Fusion Cross-Site Scripting Vulnerability (CNVD-2021-48510)

PHP-Fusion is a lightweight open source content management system. A stored cross-site scripting vulnerability exists in administration/settingsmain.php in PHP-Fusion, which can be exploited to execute arbitrary web script or HTML via the "site footer" field...

CVE-2020-23179

A stored cross site scripting XSS vulnerability in administration/settingsmain.php of PHP-Fusion 9.03.50 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Site footer" field...

Php-fusion PHP-Fusion 跨站脚本漏洞

PHP-Fusion is a lightweight open source content management system. A stored cross-site scripting vulnerability exists in administration/settingsmain.php in PHP-Fusion, which can be exploited to execute arbitrary web script or HTML via the "site footer" field...