CVE-2023-53975

Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks...

CVE-2024-44657

PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php...

EUVD-2025-26526

Malicious code in bioql PyPI...

CVE-2023-1398

A vulnerability classified as critical was found in XiaoBingBy TeaCMS 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/upload. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the publi...

CVE-2025-3386

A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /adminlinks of the component Friendship Link Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The...

SLiMS CMS 2.0 SQL Injection

==================================================================================================================================== | Title : SLiMS CMS v2.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor ...

eStore CMS 2.0 SQL Injection

==================================================================================================================================== | Title : eStore CMS v2.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor...

CVE-2024-0776

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms 2.0. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation with the input leads to cross site scripting. The attack may be launched remotely. The exploit ha...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms 2.0. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation with the input leads to cross site scripting. The attack may be launched remotely. The exploit ha...

CVE-2024-0776

CVE-2024-0776 affects LinZhaoguan pb-cms 2.0, specifically the Comment Handler component. A cross-site scripting vulnerability is triggered by manipulating input, e.g. , with remote exploitation reportedly possible and the exploit disclosed publicly. Multiple connected sources corroborate the iss...

Italia Mediasky CMS 2.0 Cross Site Scripting

==================================================================================================================================== | Title : İtalia Mediasky CMS v2.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | |...

i2soft CMS 2.0 Insecure Direct Object Reference

==================================================================================================================================== | Title : i2soft CMS v2.0 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...

CVE-2022-4353

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be use...

Cross site scripting

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be use...

Cross site scripting

A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /blog/comment of the component Message Board. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has be...

CVE-2022-4353

CVE-2022-4353 affects LinZhaoguan pb-cms 2.0, specifically the IpUtil.getIpAddr function. The vulnerability allows cross-site scripting and can be exploited remotely, with exploitation publicly disclosed (VDB-215113). Several connected sources corroborate XSS via IpUtil.getIpAddr and remote attac...

CVE-2022-28033

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMSadminuploads.php...

CVE-2022-28035

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMSadminajaxblur-save.php...

CVE-2022-28035

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMSadminajaxblur-save.php...

Atom CMS 2.0 - Remote Code Execution Exploit

Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script uploads...