Exploit for CVE-2025-64049

CVE-Disclosures Welcome to the CVE disclosures section of thi...

CVE-2024-10478

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file /adminarticle/edit?id=2 of the component Edit Article Handler. The manipulation leads to cross site scripting. The attack may be initiated...

Maybecms 代码注入漏洞

Maybecms is a web application in the Upgradeextension open source. A code injection vulnerability exists in Maybecms version 1.2, which stems from the parameter datainfocontent in the file /mb/admin/index.php?u=article-edit can lead to cross-site scripting...

REDAXO 代码注入漏洞

REDAXO is REDAXO open source a content management system . REDAXO 5.18.1 version of the existence of code injection vulnerability , the vulnerability stems from the file / index.php?page=structure&categoryid=1&articleid=1&clang=1&function=editart&artstart=0 of Article Name parameter can lead to...

CVE-2024-10478

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file /adminarticle/edit?id=2 of the component Edit Article Handler. The manipulation leads to cross site scripting. The attack may be initiated...

Multiple vulnerabilities in baserCMS

Overview baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability due to inappropriate Slug handling on Article Edit CWE-79 - CVE-2024-46996 Stored cross-site scripting vulnerability on Edit Email Form Settings CWE-79 ...

JVN#00876083: Multiple vulnerabilities in baserCMS

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability due to inappropriate Slug handling on Article Edit CWE-79 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2024-46996 Stored cross-site scripting...

CVE-2024-28676

DedeCMS v5.7 was discovered to contain a cross-site scripting XSS vulnerability via /dede/articleedit.php...

CVE-2024-28432

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /dede/articleedit.php...

PT-2024-22517 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A cross-site scripting XSS issue was found in DedeCMS. The issue is related to the /dede/article edit.php API endpoint. Recommendations: For DedeCMS version 5.7, as a temporary workaround, consider restricting...

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

PT-2024-22433 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross-Site Request Forgery CSRF issue was found in the /dede/article edit.php component. This allows for malicious requests to be made on behalf of the user. Recommendations: For DedeCMS version 5.7, as a...

CVE-2023-5032

A vulnerability was found in OpenRapid RapidCMS 1.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/article/article-edit-run.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit...

Sql injection

A vulnerability was found in OpenRapid RapidCMS 1.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/article/article-edit-run.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2023-5032 OpenRapid RapidCMS article-edit-run.php sql injection

A vulnerability was found in OpenRapid RapidCMS 1.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/article/article-edit-run.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2023-5032 OpenRapid RapidCMS article-edit-run.php sql injection

A vulnerability was found in OpenRapid RapidCMS 1.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/article/article-edit-run.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit...

PT-2023-31529 · Openrapid · Openrapid Rapidcms

Name of the Vulnerable Software and Affected Versions: OpenRapid RapidCMS version 1.3.1 Description: A critical issue affects some unknown functionality of the file /admin/article/article-edit-run.php, where the manipulation of the id argument leads to SQL injection. This issue can be exploited...

OpenRapid RapidCMS SQL Injection Vulnerability

OpenRapid RapidCMS is OpenRapid open source a fast and easy to use CMS system. OpenRapid RapidCMS version 1.3.1 SQL injection vulnerability , the vulnerability stems from the file /admin/article/article-edit-run.php SQL injection vulnerability...

CVE-2023-31940

SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the pageid parameter at articleedit.php...