2025-06 Dynamic Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5060533)

ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...

emlog 代码注入漏洞

emlog is emlog open source PHP and MySQL based on a set of CMS site building system . emlog 2.5.7 and previous versions of the code injection vulnerability , the vulnerability stems from the file /admin/article.php parameter activepost in the wrong operation leads to cross-site scripting...

The vulnerability of the get_article_urls() function in the KnowledgeBaseWebReader class of the LlamaIndex framework for working with large language models allows a attacker to trigger a service denial.

The vulnerability of the getarticleurls function in the KnowledgeBaseWebReader class of the LlamaIndex framework, which is used for working with large language models, is related to an uncontrolled resource consumption when processing the maxdepth parameter. Exploiting this vulnerability could...

CVE-2025-5569

A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argument Field leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.8 is...

CVE-2025-5383

A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Article Management Module. The manipulation of the argument Default Value leads to cross site scripting. The attack may be launched remotely. Th...

CVE-2025-5383

A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Article Management Module. The manipulation of the argument Default Value leads to cross site scripting. The attack may be launched remotely. Th...

CVE-2025-5383

A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Article Management Module. The manipulation of the argument Default Value leads to cross site scripting. The attack may be launched remotely. Th...

CVE-2025-5383

CVE-2025-5383 affects Yifang CMS up to version 2.0.2, specifically the Article Management Module. The vulnerability arises from manipulation of the Default Value argument, enabling cross-site scripting. The issue can be exploited remotely and exploits have been disclosed publicly. No patch/versio...

CVE-2025-5383 Yifang CMS Article Management Module cross site scripting

A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Article Management Module. The manipulation of the argument Default Value leads to cross site scripting. The attack may be launched remotely. Th...

CVE-2025-5383 Yifang CMS Article Management Module cross site scripting

A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Article Management Module. The manipulation of the argument Default Value leads to cross site scripting. The attack may be launched remotely. Th...

PT-2025-23407 · Unknown · Yifang Cms

Name of the Vulnerable Software and Affected Versions: Yifang CMS versions up to 2.0.2 Description: A vulnerability was found in the Article Management Module of Yifang CMS, where the manipulation of the Default Value argument leads to cross-site scripting. The attack may be launched remotely. Th...

CVE-2025-5155

A vulnerability has been found in qianfox FoxCMS 1.2.5 and classified as critical. Affected by this vulnerability is the function batchCope of the file app/admin/controller/Article.php. The manipulation of the argument ids leads to sql injection. The attack can be launched remotely. The exploit h...

FoxCMS 注入漏洞

FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. An injection vulnerability exists in FoxCMS version 1.2.5, which is caused by incorrect manipulation of the parameter ids in the file app/admin/controller/Article.php resulting in SQL injection...

CVE-2024-8145

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin of the component Article Handler. The manipulation of the argument Title leads to basic cross site scripting. The attack may be...

CVE-2024-33668

An issue was discovered in Zammad before 6.3.0. The Zammad Upload Cache uses insecure, partially guessable FormIDs to identify content. An attacker could try to brute force them to upload malicious content to article drafts they have no access to...

CVE-2024-39174

A cross-site scripting XSS vulnerability in the Publish Article function of yzmcms v7.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a published article...

CVE-2024-28678

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /dede/articledescriptionmain.php...

CVE-2024-28677

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/articlekeywordsmain.php...

CVE-2024-25381

There is a Stored XSS Vulnerability in Emlog Pro 2.2.8 Article Publishing, due to non-filtering of quoted content...

CVE-2024-22714

Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...