EUVD-2021-12851

Malware in sbrugna...

EUVD-2024-48610

Malicious code in bioql PyPI...

BIT-JOOMLA-2021-26027 [20210307] - Core - ACL violation within com_content frontend editing

An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article...

PT-2025-7592 · Phpress · Ppress

Name of the Vulnerable Software and Affected Versions: Ppress version 0.0.9 Description: A stored Cross-Site Scripting vulnerability in the "related recommendations" feature allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and...

CVE-2024-7733

A vulnerability, which was classified as problematic, was found in FastCMS up to 0.1.5. Affected is an unknown function of the component New Article Category Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...

PT-2024-38541 · Fastcms · Fastcms

Name of the Vulnerable Software and Affected Versions: FastCMS versions up to 0.1.5 Description: A vulnerability was found in the New Article Category Page component of FastCMS, affecting an unknown function. This issue leads to cross-site scripting and can be exploited remotely. The exploit has...

Ecshop 安全漏洞

ShopeX ECShop is an open source mall system of the Chinese business school ShopeX company . Support PC + H5 + APP + small program mall, source code free download experience, suitable for enterprise development and build mall. Ecshop 3.6 version of a security vulnerability, the vulnerability stems...

CVE-2024-22939

Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/categoryedit component...

FlyCms Security Vulnerability

sunkaifei FlyCms is sunkaifei open source application . A similar to Zhihu based on Q&A completely open source JAVA language development of social networking site builder . FlyCms v.1.0 version of a security vulnerability . Remote attackers use this vulnerability through the...

CVE-2023-3799

A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=article/category/del of the component Delete Category Handler. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been...

IBOS SQL注入漏洞

IBOS is a collaborative office management system. An SQL injection vulnerability exists in IBOS OA version 4.5.5, which stems from the fact that the file ?r=article/category/del causes sql injection...

CVE-2022-46438

A cross-site scripting XSS vulnerability in the /admin/articlecategory.php component of DouPHP v1.7 20221118 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter...

DouCo DouPHP 跨站脚本漏洞

DouCo DouPHP is a lightweight enterprise content management system CMS from China's DouCo Network Technology. A security vulnerability exists in DouCo DouPHP v1.7 20221118, which originates from cross-site scripting in the /admin/articlecategory.php component and allows attackers to execute...

PT-2023-14933 · Douphp · Douphp

Name of the Vulnerable Software and Affected Versions: DouPHP version 1.7 20221118 Description: A cross-site scripting XSS issue in the /admin/article category.php component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter...

CVE-2021-26027

An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article...

CVE-2018-20562

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/articlecategory.php?rec=update has XSS via the catname parameter...

idreamsoft iCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-09388)

idreamsoft iCMS is an open source content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in idreamsoft iCMS version 7.0. A remote attacker can add Column with the help of /admincp.php?app=articlecategory&do=save&frame=iPHP to exploit the...

CVE-2018-10222

An issue was discovered in idreamsoft iCMS V7.0. There is a CSRF vulnerability that can add a Column via /admincp.php?app=articlecategory&do=save&frame=iPHP...