7 matches found
CVE-2024-31011
Arbitrary file write vulnerability in beescms v.4.0, allows a remote attacker to execute arbitrary code via a file path that was not isolated and the suffix was not verified in admintemplate.php...
Privilege escalation
BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...
CVE-2020-23572
BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...
BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title: A CSRF vulnerability exists in BEESCMSV4.0: The administrator can be added arbitrarily. Date: 2018-06-25 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9226389.html Software Link: http://www.beescms.com/ Version: BEESCMS - V4.0 CVE : CVE-2018-12739 A CSRF...
BEESCMS V4.0_R_20160525全局变量覆盖导致前台getshell
...
BEESCMS V4.0的文件member.php存在多处注入漏洞
No description provided by source...
Beescms V4.0 在文件mx_form.php处存在后台登陆绕过漏洞
No description provided by source...