12 matches found
CVE-2025-15495
A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/editsite.php. The manipulation of the argument image results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. The vendor...
CVE-2025-15495 BiggiDroid Simple PHP CMS editsite.php unrestricted upload
A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/editsite.php. The manipulation of the argument image results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. The vendor...
CVE-2025-15263
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been made...
CVE-2025-15263
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been made...
CVE-2025-15263 BiggiDroid Simple PHP CMS Admin Login login.php sql injection
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been made...
CVE-2025-15262
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2025-15262 BiggiDroid Simple PHP CMS Site Logo edit.php unrestricted upload
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2025-15262
CVE-2025-15262 affects BiggiDroid Simple PHP CMS 1.0, in the Site Logo Handler component (file /admin/edit.php). Manipulating the image argument reportedly yields unrestricted upload, enabling remote exploitation. Multiple sources confirm the exploit has been released publicly and may be exploite...
CVE-2025-15169
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availabl...
CVE-2025-15169 BiggiDroid Simple PHP CMS editsite.php sql injection
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availabl...
CVE-2025-15169
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availabl...
BiggiDroid Simple PHP CMS SQL注入漏洞
BiggiDroid Simple PHP CMS is a content management system from BiggiDroid open source. A SQL injection vulnerability exists in BiggiDroid Simple PHP CMS version 1.0, which stems from incorrect manipulation of the parameter ID in the file /admin/editsite.php, which can lead to SQL injection...