Books-Management-System 代码注入漏洞

Books-Management-System is a book management system by withstars individual developers. A code injection vulnerability exists in Books-Management-System version 1.0, which originates from cross-site scripting due to a misbehavior of the Title parameter in the file /admin/article/add/do...

PT-2024-22506 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross-Site Request Forgery CSRF issue was found in the /dede/article add.php component. This allows an attacker to perform unintended actions on the website. Recommendations: For DedeCMS version 5.7, as a...

CVE-2024-28665

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /dede/articleadd.php...

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

OpenRapid RapidCMS SQL Injection Vulnerability

OpenRapid RapidCMS is OpenRapid open source a fast and easy to use CMS system. OpenRapid RapidCMS version 1.3.1 SQL injection vulnerability , the vulnerability stems from the file /admin/article/article-add.php SQL injection vulnerability...

CVE-2023-33750

A stored cross-site scripting XSS vulnerability in mipjz v5.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description parameter at /index.php?s=/article/ApiAdminArticle/itemAdd...

NoneCMS 跨站脚本漏洞

NoneCMS is a simple and compact open-source content management system that can be used to quickly build corporate sites, personal blogs, and support mobile. A cross-site scripting vulnerability exists in admin/article/add.html in NoneCMS version 1.3.0. Attackers can use the name parameter to inje...

EyouCMS 1.4.6 Cross Site Scripting

Exploit Title: EyouCMS 1.4.6 - Persistent Cross-Site Scripting Date: 2020-05-28 Exploit Author: China Banking and Insurance Information Technology Management Co.,Ltd. Vendor Homepage: https://eyoucms.com Software Link: https://qiniu.eyoucms.com/EyouCMS-V1.4.6-UTF8-SP2.zip Version: EyouCMS V1.4.6...

SQL Injection Vulnerability in phpaaCMS article.add.php File

phpaaCMS is a simple article management system. A SQL injection vulnerability exists in the phpaaCMS article.add.php file. An attacker can exploit the vulnerability to obtain sensitive database information...

CVE-2010-1995

Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS before 2.0.5 allow remote authenticated users, with "Add new article" privileges, to inject arbitrary web script or HTML via the 1 title, 2 subTitle, and 3 author parameters in conjunction with a /admin/news/article/add...