7 matches found
EUVD-2022-47866
Malicious code in bioql PyPI...
CVE-2024-22938
Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component...
CVE-2024-31613
BOSSCMS v3.10 is vulnerable to Cross Site Request Forgery (CSRF) in name="headcode" or name="footcode."...
PT-2024-24154 · Bosscms · Bosscms
Name of the Vulnerable Software and Affected Versions: BOSSCMS version 3.10. Description: The issue is related to Cross Site Request Forgery (CSRF) in the head code or foot code parameters. This means an attacker could potentially trick a user into performing unintended actions on the web applicatio...
CVE-2024-22938
Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component...
CVE-2022-28606
An arbitrary file upload vulnerability exists in Wenzhou Huoyin Information Technology Co., Ltd. BossCMS 1.0, which can be exploited by an attacker to gain control of the server...
Arbitrary File Deletion Vulnerability in BossCMS of Wenzhou Huyin Information Technology Co.
BossCMS is a content management system built on a self-developed PHP framework and MySQL architecture, developed by Wenzhou Huyin Information Technology Co. BossCMS has an arbitrary file deletion vulnerability, which can be exploited by attackers to delete arbitrary files...