34 matches found
AikCms 代码问题漏洞
AikCms AikCms is a content management system CMS based on PHP and MySQL. A security vulnerability exists in AikCms version v2.0.0, which originates from uploaded files not validated in the background file management...
AikCms跨站请求伪造漏洞
AikCms AikCms is a content management system CMS based on PHP and MySQL. AikCms has a security vulnerability that can be exploited by attackers to delete video messages...
SQL Injection Vulnerability in AikCms Backend
AikCms is a lightweight CMS. An SQL injection vulnerability exists in the backend of AikCms. An attacker can exploit this vulnerability to obtain sensitive database information...
File upload vulnerability in AikCms backend vi***_ad***.php page
AikCms is a lightweight CMS. A file upload vulnerability exists in the AikCms backend viad.php page, which can be exploited by an attacker to upload a webshell and gain server privileges...
CVE-2019-11568
An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...
Unrestricted file upload
An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...
CVE-2019-11568
An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...
CVE-2019-11567
An issue was discovered in AikCms v2.0. There is a SQL Injection vulnerability via $GET'del', as demonstrated by an admin/page/system/nav.php?del= URI...
Sql injection
An issue was discovered in AikCms v2.0. There is a SQL Injection vulnerability via $GET'del', as demonstrated by an admin/page/system/nav.php?del= URI...
CVE-2019-11567
An issue was discovered in AikCms v2.0. There is a SQL Injection vulnerability via $GET'del', as demonstrated by an admin/page/system/nav.php?del= URI...
CVE-2019-11568
An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...
CVE-2019-11568
CVE-2019-11568 affects AikCms v2.0 . The vulnerability is a file upload issue demonstrated by an admin/navigation request (nav.php) where PHP code is uploaded as a .php file with content type application/octet-stream. The CVSS data indicates a high impact (C, I, A all HIGH) with network access an...
CVE-2019-11567
An issue was discovered in AikCms v2.0. There is a SQL Injection vulnerability via $GET'del', as demonstrated by an admin/page/system/nav.php?del= URI...
CVE-2019-11567
CVE-2019-11567 affects AikCms v2.0 . The vulnerability is a SQL Injection via the GET parameter del in admin/page/system/nav.php?del=. The condition arises from unsanitized or improperly handled user input in the query construction, enabling an attacker to influence the database query. Documents ...