EUVD-2025-2771

Malicious code in bioql PyPI...

CVE-2025-54134 HAX CMS NodeJs's Improper Error Handling Leads to Denial of Service

HAX CMS NodeJs allows users to manage their microsite universe with a NodeJs backend. In versions 11.0.8 and below, the HAX CMS NodeJS application crashes when an authenticated attacker provides an API request lacking required URL parameters. This vulnerability affects the listFiles and saveFiles...

PT-2024-20081 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.7 a-blog cms versions prior to 3.0.29 a-blog cms versions prior to 2.11.58 a-blog cms versions prior to 2.10.50 a-blog cms version 2.9.0 and earlier Description: A cross-site scripting vulnerability exists in...

URL XSS vulnerability due to outdated jquery in CMS

Silverstripe silverstripe/framework through 4.11 allows XSS issue 2 of 3...

GHSA-XRPJ-F9V6-2332 CSV injection in Craft CMS

Withdrawn Duplicate of GHSA-h7vq-5qgw-jwwq...

WordPress 5.0 Patched to Fix Serious Bugs

WordPress 5.0 users are being urged to update their CMS software to fix a number of serious bugs. The update WordPress 5.0.1 addresses seven flaws and was issued Thursday, less than a week after WordPress 5.0 was released. The most serious of the flaws is a bug that allows the WordPress “user...

CVE-2018-0263

A vulnerability in Cisco Meeting Server CMS could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system. The vulnerability is due to incorrect default configuration of the device, which can expose internal interfaces and ports o...

CVE-2017-1002001

Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com...

CVE-2017-1002001

Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com...

Design/Logic Flaw

Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com...

CVE-2017-1002002

The CVE-2017-1002002 entry describes a vulnerability in the WordPress plugin webapp-builder v2.0, where the plugin “includes unlicensed vulnerable CMS software from http://www.invedion.com/.” This indicates a root cause related to embedded third‑party CMS software within the plugin, exposing the ...

CVE-2017-12249

A vulnerability in the Traversal Using Relay NAT TURN server included with Cisco Meeting Server CMS could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerability is due to an incorrec...

onArcade 2.4.x Local File Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: onArcade 2.4.x Local File Get Contents Vulnerability Google Dork: inurl:"cup.php?a=all" Date: 23 Mar 2017 Exploit Author: Deyaa Muhammad Author Mail: contact at deyaa.me Exploit Blog:...

Itech News Portal Script 6.28 SQL Injection

Exploit Title: Itech News Portal Script v6.28 a SQL Injection Date: 30.01.2017 Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/news-portal-script/ Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com Category: Web Application Exploits...

Itech News Portal Script 6.28 - 'inf' SQL Injection

Exploit Title: Itech News Portal Script v6.28 – SQL Injection Date: 30.01.2017 Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/news-portal-script/ Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com Category: Web Application Exploits...

Itech News Portal Script 6.28 - inf SQL Injection

Itech News Portal Script 6.28 - inf SQL Injection Exploit Title: Itech News Portal Script v6.28 – SQL Injection Date: 30.01.2017 Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/news-portal-script/ Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website:...

Itech News Portal Script 6.28 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Itech News Portal Script v6.28 – SQL Injection Date: 30.01.2017 Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/news-portal-script/ Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Websit...

cms (id) 5.0 - SQL Injection

cms id 5.0 - SQL Injection ----------------------------------------------------------------------- CmS id SQL Injection Vulnerability ----------------------------------------------------------------------- Author : spykit Site : http://devilzc0de.org/ Date : April, 22-2010 Location : Jakarta,...

Neo CMS SQL Injection vulnerability

---------------------------------------------------------------------- PT-2009-36 Positive Technologies Security Advisory Neo CMS SQL Injection vulnerability ---------------------------------------------------------------------- --- Affected Software Neo CMS Versions up to 1.777 Product Link:...

PT-2009-21: CMS.Pilot SQL Injection Vulnerability

CMS.Pilot is a content management system CMS software, usually implemented as a Web application, for creating and managing HTML content. It is used to manage and control a large, dynamic collection of Web material HTML documents and their associated images. Vulnerability Description Positive...