15 matches found
EUVD-2018-8298
Malware in sbrugna...
EUVD-2025-28632
Malicious code in bioql PyPI...
OpenCMS 17.0 Cross Site Scripting
OpenCMS version 17.0 suffers from a persistent cross site scripting vulnerability. Exploit Title: OpenCMS 17.0 - Stored Cross Site Scripting XSS Date: 24-11-2024 Exploit Author: Siddhartha Naik Vendor Homepage: http://www.opencms.org/en/ Software Link:...
CVE-2024-33338
Cross Site Scripting vulnerability in jizhicms v.2.5.4 allows a remote attacker to obtain sensitive information via a crafted article publication request...
CVE-2024-33338
Cross Site Scripting vulnerability in jizhicms v.2.5.4 allows a remote attacker to obtain sensitive information via a crafted article publication request...
CVE-2024-33338
CVE-2024-33338 concerns jizhicms v2.5.4. The vulnerability is a Cross Site Scripting (XSS) flaw where content submitted via a crafted article publication request can disclose sensitive information. Red Hat and other sources corroborate XSS in jizhicms, noting that the content filtering happens cl...
CVE-2024-33338
Cross Site Scripting vulnerability in jizhicms v.2.5.4 allows a remote attacker to obtain sensitive information via a crafted article publication request...
JIZHICMS Cross-Site Scripting Vulnerability
Extreme Networks Technology JIZHICMS (Extreme CMS) is an open source content management system (CMS) from China's Extreme Networks Technology. A security vulnerability exists in JIZHICMS version v2.4.6, which stems from the presence of a Cross-Site Scripting Attack (XSS) vulnerability that allows an...
CVE-2023-31862
jizhicms v2.4.6 is vulnerable to Cross Site Scripting (XSS). The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the reque...
CVE-2020-20943
A Cross-Site Request Forgery (CSRF) in /member/post.php?job=postnew&step=post of Qibosoft v7 allows attackers to force victim users into arbitrarily publishing new articles via a crafted URL...
Cross site request forgery (csrf)
An issue was discovered in baigo CMS v2.1.1. There is an index.php?m=article&c=request CSRF that can cause publication of any article...
CVE-2018-16458
An issue was discovered in baigo CMS v2.1.1. There is an index.php?m=article&c=request CSRF that can cause publication of any article...
CVE-2018-16458
Baigo CMS v2.1.1 is affected by a Cross-Site Request Forgery in the index.php?m=article&c=request endpoint, enabling publication of arbitrary articles. The issue is described consistently across multiple sources (NVD/CNVD/PRION/CVEs) as a CSRF in baigo CMS 2.1.1 that can cause published content w...
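Latest version of Mao10cms has a CSRF privilege bypass that causes the administrator to publish articles
Brief description: The latest version of Mao10cms has a CSRF privilege bypass that causes the administrator to publish articles. Details: Enter the admin backend. See how publishing an article works. First open burp and capture the request along the way. Proof of vulnerability: After opening it...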
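Qibo CMS arbitrary file read (of limited use, requires registration)
Brief description: RT Details: Vulnerability 1: a limited-use getshell that requires registration and the ability to publish articles, and must be combined with an apache or iis6 parsing vulnerability. File /inc/articfunction.php // collect external images function getoutpic$str,$fid=0,$getpic=1 global $webdb,$lfjuid; if!$getpic return $str; pregmatchall"/http://^ '"+.gif|jpg|png/is",$str,$array; $filedb=$array0; foreach $filedb AS $key=$value if...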