8 matches found
CVE-2024-44724
AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsiteurl parameter at /admin/siteadd.php. This vulnerability allows attackers to execute arbitrary PHP code via injecting a crafted value...
CVE-2024-44725
AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php...
CVE-2024-44724
AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsiteurl parameter at /admin/siteadd.php. This vulnerability allows attackers to execute arbitrary PHP code via injecting a crafted value...
CVE-2024-44725
AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php...
CVE-2024-44724
AutoCMS v5.4 is affected by a PHP code injection vulnerability exposed via the txtsite_url parameter in /admin/site_add.php. Exploitation allows executing arbitrary PHP code, as described across multiple sources (e.g., Red Hat and CNNVD entries). The issue is tied to an input parameter in the API...
CVE-2024-44725
AutoCMS v5.4 is affected by a SQL injection in the sidebar parameter of /admin/robot.php. This CVE (CVE-2024-44725) is documented with a high impact (C/H I/H A/H) and CVSS v3.1 score of 7.2. Root cause: lack of input validation in the sidebar parameter leading to SQL statement manipulation. Explo...
CVE-2024-44724
AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsiteurl parameter at /admin/siteadd.php. This vulnerability allows attackers to execute arbitrary PHP code via injecting a crafted value...
CVE-2024-44725
AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php...