ClassCMS has a code execution vulnerability

ClassCMS is a content management system. ClassCMS suffers from a code execution vulnerability that could be exploited by attackers to gain control of the server...

ClassCMS Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in ClassCMS v2.5 and prior versions of ClassCMS, a simple, flexible, secure, and easily extensible content management system in China. The vulnerability stems from a lack of user-supplied data and output data validation filtering in the Add Articles fie...

CVE-2022-25582

A stored cross-site scripting XSS vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field...

CVE-2022-25582

A stored cross-site scripting XSS vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field...

CVE-2022-25582

A stored cross-site scripting XSS vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field...

CVE-2022-25582

A stored cross-site scripting XSS vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field...

CVE-2022-25582

CVE-2022-25582 describes a stored cross-site scripting (XSS) vulnerability in the ClassCMS Column module, affecting v2.5 and earlier. The root cause is insufficient validation/filtering of user-supplied data in the Add Articles field, allowing an attacker to inject arbitrary script or HTML that i...

ClassCMS 跨站脚本漏洞

A cross-site scripting vulnerability exists in ClassCMS v2.5 and prior versions of ClassCMS, a simple, flexible, secure, and easily extensible content management system in China. The vulnerability stems from a lack of user-supplied data and output data validation filtering in the Add Articles fie...

CVE-2022-25581

Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attackers to execute code injection via a crafted .txt file...

CVE-2022-25581

Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attackers to execute code injection via a crafted .txt file...

CVE-2022-25581

Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attackers to execute code injection via a crafted .txt file...

Code injection

Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attackers to execute code injection via a crafted .txt file...

CVE-2022-25581

Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attackers to execute code injection via a crafted .txt file...

CVE-2022-25581

CVE-2022-25581 affects Classcms v2.5 and earlier. The issue is an arbitrary file upload via the class\classupload component, which can allow code execution through a crafted .txt file. The vulnerability is documented across multiple feeds (NVD/Red Hat/OSV etc.) with no publicly provided patch det...

Classcms 代码问题漏洞

ClassCMS is a simple, flexible, secure and easy to expand content management system from China. A security vulnerability exists in Classcms v2.5 and lower versions, where an attacker can perform code injection by uploading a carefully crafted .txt file via the component classclassupload...

File upload vulnerability in ClassCMS backend (CNVD-2021-35844)

ClassCMS is a content management system. A file upload vulnerability exists in the ClassCMS backend. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

File Upload Vulnerability in ClassCMS

ClassCMS is a content management system. A file upload vulnerability exists in ClassCMS, which allows an attacker to upload a malicious file to getshell...

File Upload Vulnerability in ClassCMS Backend

ClassCMS is a content management system. A file upload vulnerability exists in the ClassCMS backend. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...