130 matches found
CVE-2026-30452
Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in...
Textpattern CMS 安全漏洞
Textpattern CMS is a content management system based on PHP developed by the Textpattern team. Version 4.9.0 of Textpattern CMS has a security vulnerability. This vulnerability stems from an access control flaw in the article management system, which may allow users with low privileges to modify...
CVE-2026-30452
Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in...
phpok3w SQL注入漏洞
phpok3w is an article management system by the individual developer of sunbingzibo. A SQL injection vulnerability exists in phpok3w, which stems from incorrect manipulation of the parameter ID in the file show.php, which may lead to SQL injection...
CVE-2025-64048
YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...
EUVD-2025-198986
YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...
CVE-2025-64048
YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...
CVE-2025-64048
YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...
CVE-2025-64048
YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...
CVE-2025-64048
YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...
PT-2025-47955
YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...
CVE-2025-64048
Affected software/component: YCCMS 3.4, specifically the article management functionality in ArticleAction.class.php. Vulnerability: Stored cross-site scripting (XSS) in the article title input. The root cause is improper neutralization/validation of user-supplied data in the add() and getPost() ...
EUVD-2018-9173
Malware in sbrugna...
EUVD-2020-13134
Malware in sbrugna...
EUVD-2018-10805
Malware in sbrugna...
EUVD-2007-3923
Malware in sbrugna...
EUVD-2021-32734
Malicious code in bioql PyPI...
EUVD-2022-31844
Malicious code in bioql PyPI...
EUVD-2023-53445
Malicious code in bioql PyPI...
EUVD-2025-16561
Malicious code in bioql PyPI...