ClassCMS 安全漏洞

ClassCMS is a simple, flexible, secure and easy-to-expand content management system from China ClassCMS Open Source. A security vulnerability exists in ClassCMS version 4.8 and earlier versions, which stems from improper handling of insufficient privileges...

CVE-2024-12503

A vulnerability classified as problematic was found in ClassCMS 4.8. Affected by this vulnerability is an unknown functionality of the file /index.php/admin of the component Model Management Page. The manipulation of the argument URL leads to cross site scripting. The attack can be launched...

CVE-2024-12503

A vulnerability classified as problematic was found in ClassCMS 4.8. Affected by this vulnerability is an unknown functionality of the file /index.php/admin of the component Model Management Page. The manipulation of the argument URL leads to cross site scripting. The attack can be launched...

CVE-2024-12503

The CVE-2024-12503 entry concerns ClassCMS 4.8, specifically an unknown functionality in the /index.php/admin page of the Model Management Page. The vulnerability allows cross-site scripting by manipulating the URL argument and can be exploited remotely; the exploit has been publicly disclosed. S...

CVE-2024-12503 ClassCMS Model Management Page admin cross site scripting

A vulnerability classified as problematic was found in ClassCMS 4.8. Affected by this vulnerability is an unknown functionality of the file /index.php/admin of the component Model Management Page. The manipulation of the argument URL leads to cross site scripting. The attack can be launched...

CVE-2024-12503 ClassCMS Model Management Page admin cross site scripting

A vulnerability classified as problematic was found in ClassCMS 4.8. Affected by this vulnerability is an unknown functionality of the file /index.php/admin of the component Model Management Page. The manipulation of the argument URL leads to cross site scripting. The attack can be launched...

ClassCMS 代码注入漏洞

ClassCMS is China ClassCMS open source a simple , flexible , secure , easy to expand the content management system . ClassCMS 4.8 version of the code injection vulnerability , an attacker can exploit the vulnerability leads to cross-site scripting attacks...

PT-2024-17630 · Classcms · Classcms

Name of the Vulnerable Software and Affected Versions: ClassCMS version 4.8 Description: A problematic vulnerability was found in ClassCMS, affecting an unknown functionality of the file /index.php/admin of the component Model Management Page. The manipulation of the URL argument leads to...

CVE-2024-48180

ClassCMS =4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can include a file uploaded to the/class/template directory to execute PHP code...

CVE-2024-48180

ClassCMS =4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can include a file uploaded to the/class/template directory to execute PHP code...

PT-2024-33014 · Classcms · Classcms

Name of the Vulnerable Software and Affected Versions: ClassCMS versions 4.8 and earlier Description: The issue allows for file inclusion in the nowView method in /class/cms/cms.php, which can include a file uploaded to the /class/template directory to execute PHP code. Recommendations: For...

ClassCMS 安全漏洞

ClassCMS is a simple, flexible, secure and easy-to-expand content management system from China ClassCMS Open Source. A security vulnerability exists in ClassCMS version 4.8. Attackers can exploit the vulnerability to execute PHP code...

CVE-2024-48180

ClassCMS =4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can include a file uploaded to the/class/template directory to execute PHP code...

CVE-2024-48180

ClassCMS =4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can include a file uploaded to the/class/template directory to execute PHP code...

CVE-2024-48180

CVE-2024-48180 affects ClassCMS versions ≤ 4.8. The issue is a file inclusion in the nowView method of /class/cms/cms.php, which can include a file uploaded to /class/template, allowing PHP code execution. Documented impact indicates high confidentiality, integrity, and availability impact with a...

CVE-2024-8145

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin of the component Article Handler. The manipulation of the argument Title leads to basic cross site scripting. The attack may be...

CVE-2024-8145

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin of the component Article Handler. The manipulation of the argument Title leads to basic cross site scripting. The attack may be...

CVE-2024-8145 ClassCMS Article admin cross site scripting

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin of the component Article Handler. The manipulation of the argument Title leads to basic cross site scripting. The attack may be...

CVE-2024-8145

CVE-2024-8145 affects ClassCMS 4.8. The root cause is a cross-site scripting vulnerability in the Article Handler’s /index.php/admin functionality, triggered by manipulating the Title parameter. Impact is basic XSS with complexity described as network-exploitable and requiring high privileges wit...

CVE-2024-8145 ClassCMS Article admin cross site scripting

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin of the component Article Handler. The manipulation of the argument Title leads to basic cross site scripting. The attack may be...