CVE-2024-50054
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system...
CVE-2019-19712
Contao CMS vulnerability CVE-2019-19712 affects Contao 4.0–4.8.5 where backend users can manipulate the details view URL to reveal pages/articles not enabled for them, indicating an information-disclosure issue due to insecure permissions in the backend. Affected versions include 4.0 through 4.8....
Remote code execution
Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allows remote attackers to execute code and get a webshell from the back-end. The attacker must be authenticated and enter PHP code in the datasource editor or event editor...
phpyun design flaw: an order can be paid with another account's money, draining that account's balance to 0
Brief description: When the backend processes an order, it reads the uid directly from the cookie; this uid can be forged as another user's uid, so the order can be paid with that user's money. Testing showed that although the attacker does not receive the points for a successful payment, the other account's balance is still deducted. Details: vulnerable file \api\tenpay\index.php: $sql=$db->query("select * from ".$dbconfig["def"]."companyorder where orderid='$_POST[dingdan]'"); $row=mysql_fetch_array($sql); // look up the order price by order number $userid=(int)$_COOKIE['uid'];...
[20110902] - Core - XSS Vulnerability
Inadequate escaping leads to XSS vulnerability in back end...