81 matches found
Cross site scripting
A vulnerability was found in CLTPHP up to 6.0. It has been declared as problematic. Affected by this vulnerability is the POST Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2022-1085 CLTPHP POST Parameter cross site scripting
A vulnerability was found in CLTPHP up to 6.0. It has been declared as problematic. Affected by this vulnerability is the POST Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2022-1085 CLTPHP POST Parameter cross site scripting
A vulnerability was found in CLTPHP up to 6.0. It has been declared as problematic. Affected by this vulnerability is the POST Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2022-1085
CVE-2022-1085 concerns CLTPHP up to v6.0. The vulnerability implicates the POST Parameter Handler, enabling cross-site scripting via remote manipulation. Multiple connected sources (NVD entry, Red Hat advisory, CVE records, and related risk enrichments) consistently describe the flaw as a client-...
CLTPHP 跨站脚本漏洞
CLTPHP is an open source PHP content management system for efficient website building. CLTPHP suffers from a cross-site scripting vulnerability that allows an attacker to inject arbitrary html and script code into a website...
Arbitrary File Deletion Vulnerability in CLTPHP
CLTPHP is a PHP content management system and an open source CMS system. CLTPHP has an arbitrary file deletion vulnerability that can be exploited by an attacker to delete arbitrary files...
SQL Injection Vulnerability in CLTPHP (CNVD-2021-46734)
CLTPHP is a website builder based on thinkphp. CLTPHP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
Command Execution Vulnerability in CLTPHP
CLTPHP is a website building system based on thinkphp. CLTPHP has a command execution vulnerability, through which an attacker can obtain server privileges...
SQL Injection Vulnerability in CLTPHP (CNVD-2021-47679)
CLTPHP is a website building system based on thinkphp. CLTPHP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in CLTPHP (CNVD-2021-46595)
CLTPHP is a website builder based on thinkphp. CLTPHP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in CLTPHP (CNVD-2021-46596)
CLTPHP is a website builder based on thinkphp. CLTPHP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in CLTPHP
CLTPHP is a website builder based on thinkphp. CLTPHP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
Arbitrary File Deletion Vulnerability in CLTPHP Open Source Edition
CLTPHP content management system is an efficient site-building PHP content management system , but also an open source CMS system . CLTPHP open source version of the arbitrary file deletion vulnerability, an attacker can exploit the vulnerability on the integrity of the system...
Arbitrary File Read Vulnerability in CLTPHP Open Source Edition
CLTPHP content management system is an efficient site-building PHP content management system , but also an open source CMS system . CLTPHP open source version of the existence of arbitrary file reading vulnerability , an attacker can exploit the vulnerability to read any file on the server...
File Deletion Vulnerability in CLTPHP Open Source Edition
CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. CLTPHP open source version exists file deletion vulnerability. An attacker can exploit the vulnerability to delete arbitrary files , resulting in a program crash...
File upload vulnerability in CLTPHP backend
CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. A file upload vulnerability exists in the CLTPHP backend. An attacker can exploit the vulnerability to write php files and gain server privileges...
File Upload Vulnerability in CLTPHP "System Settings in the Backend of the Site"
CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. A file upload vulnerability exists in the "System Settings in the backend of the website" of CLTPHP. The vulnerability allows attackers to upload webshell and gain server privileges...
xml entity injection vulnerability in CLTPHP version 5.5.3
CLTPHP is a content management system developed in ThinkPHP with the Layui framework in the backend. CLTPHP version 5.5.3 has an XML entity injection vulnerability in the program implementation, which can be exploited by attackers to read arbitrary files, execute system commands, probe intranet...
Directory Traversal Vulnerability in CLTPHP Version 5.5.3
CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. A directory traversal vulnerability exists in CLTPHP version 5.5.3, which can be exploited by attackers to obtain sensitive information...
Arbitrary File Download Vulnerability in CLTPHP Version 5.5.3
CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. CLTPHP 5.5.3 version exists arbitrary file download vulnerability, an attacker can exploit the vulnerability to construct parameters to download arbitrary server files, such as script code,...