3 matches found
CVE-2023-5301
A vulnerability classified as critical was found in DedeCMS 5.7.111. This vulnerability affects the function AddMyAddon of the file albumadd.php. The manipulation of the argument albumUploadFiles leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed t...
QCMS Cross-Site Scripting Vulnerability (CNVD-2019-10280)
QCMS is an open source content management system CMS for creating responsive websites. A cross-site scripting vulnerability exists in upload/System/Controller/backend/album.php in QCMS 3.0.1, which can be exploited by remote attackers to inject arbitrary web script or HTML...
Jackie novel CMS serialized system arbitrary file upload 0day-vulnerability warning-the black bar safety net
Registered users Into space-the album-upload With oprea live firefox modifying the source code There is a. jpg . gif of the place changedto. You can upload any file Keywords: inurl:modules/space...