PT-2025-49143

This vulnerability fundamentally arises from yzcheng90 X-SpringBoot 6.0's implementation of role-based access control RBAC through dual dependency on frontend menu systems and backend permission tables, without enforcing atomic synchronization between these components. The critical flaw manifests...

CVE-2025-57759

Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no...

New Web CMS suffers from an override access vulnerability

Linyi Xinnet Network Technology Co., Ltd. is a network application service provider for the majority of government and enterprises and institutions to provide enterprise website construction, website optimization, network promotion, Linyi SEO, mobile station, micro letter marketing, domain name...

Espcms V5. 6. 1 3. 0 4. 2 2 UTF8 the official version of the background logic validation error vulnerability of the 2/N-vulnerability warning-the black bar safety net

Brief description: System backend permission check logic problems, resulting in the background of a module function is bypassed and unauthorized access Detailed description: 后台 管理员 权限 校验 在 文件 \public\classconnector.php: function adminpurview if $this-fun-accept'archive', 'R' == 'filemanage' &&...