CVE-2024-44839

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php...

CVE-2024-10478

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file /adminarticle/edit?id=2 of the component Edit Article Handler. The manipulation leads to cross site scripting. The attack may be initiated...

CVE-2024-13202

A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument...

CVE-2024-48177

MRCMS 3.1.2 contains a SQL injection vulnerability via the RID parameter in /admin/article/delete.do...

CVE-2023-0243

A vulnerability classified as critical has been found in TuziCMS 2.0.6. This affects the function index of the file App\Manage\Controller\ArticleController.class.php of the component Article Module. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...

CVE-2023-30751

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in iControlWP Article Directory Redux plugin = 1.0.2 versions...

CVE-2023-41619

Emlog Pro v2.1.14 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/article.php?action=write...

CVE-2023-49484

Dreamer CMS v4.1.3 was discovered to contain a cross-site scripting XSS vulnerability in the article management department...

CVE-2023-33942

Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...

CVE-2023-29639

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...

CVE-2023-6762

A vulnerability, which was classified as critical, was found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /article/DelectArticleById/ of the component Article Handler. The manipulation leads to permission issues. It is possible to launch the attack remotely. The exploit ha...

CVE-2023-30205

A stored cross-site scripting XSS vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the uniqueid parameter in /admin/article.php...

CVE-2023-0422

The Article Directory WordPress plugin through 1.3 does not properly sanitize the publishtermstext setting before displaying it in the administration panel, which may enable administrators to conduct Stored XSS attacks in multisite contexts...

CVE-2023-30338

Multiple stored cross-site scripting XSS vulnerabilities in Emlog Pro v2.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Article Title or Article Summary parameters...

CVE-2023-27090

Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter...

CVE-2022-45541

EyouCMS = 1.6.0 was discovered a reflected-XSS in the article attribute editor component in POST value "value" if the value contains a non-integer char...

CVE-2022-43468

External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulate...

CVE-2022-40001

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page...

CVE-2022-45537

EyouCMS = 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENVLISTURL"...

CVE-2022-27341

JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability via the Article Management function...