47 matches found
Atom CMS 1.0.2 Shell Upload
Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Date: 22.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script...
Atom CMS 2.0 - Remote Code Execution Exploit
Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script uploads...
Atom CMS 2.0 - Remote Code Execution (RCE)
Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Date: 22.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script...
Atom CMS SQL Injection Vulnerability
Atom CMS is a content management system. A SQL injection vulnerability exists in Atom CMS version 2.0, which stems from a missing validation of external input SQL statements in the id parameter of /admin/ajax/avatar.php. An attacker could use this vulnerability to execute illegal SQL commands to...
Atom CMS Cross-Site Scripting Vulnerability (CNVD-2022-84074)
Atom CMS, a content management system, is vulnerable to a cross-site scripting vulnerability in Atom CMS v2.0. The vulnerability is caused by a cross-site scripting vulnerability that contains a reflection in the "A" parameter in /widgets/debug.php. An attacker could exploit this vulnerability to...
CVE-2022-25489
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the "A" parameter in /widgets/debug.php...
CVE-2022-25488
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php...
CVE-2022-25487
Atom CMS v2.0 was discovered to contain a remote code execution RCE vulnerability via /admin/uploads.php...
CVE-2022-25489
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the "A" parameter in /widgets/debug.php...
CVE-2022-25487
Atom CMS v2.0 was discovered to contain a remote code execution RCE vulnerability via /admin/uploads.php...
CVE-2022-25487
Atom CMS v2.0 was discovered to contain a remote code execution RCE vulnerability via /admin/uploads.php...
CVE-2022-25489
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the "A" parameter in /widgets/debug.php...
CVE-2022-25488
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php...
Sql injection
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php...
Cross site scripting
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the "A" parameter in /widgets/debug.php...
Remote code execution
Atom CMS v2.0 was discovered to contain a remote code execution RCE vulnerability via /admin/uploads.php...
CVE-2022-25487
Atom CMS v2.0 was discovered to contain a remote code execution RCE vulnerability via /admin/uploads.php...
CVE-2022-25487
Atom CMS v2.0 contains a remote code execution (RCE) vulnerability exploitable via /admin/uploads.php. The Nuclei template and CIRCL/CVE records confirm the issue stems from improper handling in the uploads path, enabling arbitrary code execution on the affected system. Impact is described as ful...
CVE-2022-25488
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php...
CVE-2022-25488
Atom CMS v2.0 contains a SQL injection via the id parameter in /admin/ajax/avatar.php. The vulnerability arises from unsafely concatenated SQL in this endpoint, enabling arbitrary SQL execution and potentially data disclosure or modification. Public descriptions from multiple sources corroborate ...