91 matches found
Simple CMS SQL注入漏洞
Simple CMS is an open-source content management system developed using Simple PHP scripts. Version 2.1 of Simple CMS has a SQL injection vulnerability, which stems from unvalidated input parameters in the admin.php file, potentially leading to SQL injection attacks...
PT-2026-5490
Name of the Vulnerable Software and Affected Versions Navigate CMS version 2.8.7 Description Navigate CMS 2.8.7 contains an authenticated SQL injection issue that allows attackers to obtain database information by manipulating the sidx parameter within comments. Attackers can exploit this to...
CVE-2018-12905
joyplus-cms 1.6.0 has XSS in adminplayer.php, related to manager/index.php "system manage" and "add" actions...
PHPJabbers Simple CMS SQL注入漏洞
PHPJabbers Simple CMS is a PHPJabbers open source content management system. A SQL injection vulnerability exists in PHPJabbers Simple CMS version 5.0, which originates from a SQL injection in the column parameter of the index.php endpoint, which may result in database information being extracted...
CVE-2025-63523
FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username changes...
EUVD-2018-9995
Malware in sbrugna...
EUVD-2016-10095
Malware in sbrugna...
EUVD-2018-11576
Malware in sbrugna...
EUVD-2018-11030
Malware in sbrugna...
EUVD-2020-13127
Malware in sbrugna...
EUVD-2022-2939
Malicious code in bioql PyPI...
EUVD-2023-59372
Malicious code in bioql PyPI...
EUVD-2021-28057
Malicious code in bioql PyPI...
EUVD-2023-1425
Malicious code in bioql PyPI...
EUVD-2023-33493
Malicious code in bioql PyPI...
CVE-2025-50754
Unisite CMS version 5.0 contains a stored Cross-Site Scripting XSS vulnerability in the "Report" functionality. A malicious script submitted by an attacker is rendered in the admin panel when viewed by an administrator. This allows attackers to hijack the admin session and, by leveraging the...
PT-2025-23887 · Unknown · Code-Projects/Anirbandutta9 Content Management System/News-Buzz
Name of the Vulnerable Software and Affected Versions: code-projects/anirbandutta9 Content Management System and News-Buzz version 1.0 Description: A critical issue was found in the code-projects/anirbandutta9 Content Management System and News-Buzz. The problem affects an unknown functionality o...
CVE-2024-42606
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/adminlog.php?clear=1...
CVE-2023-51051
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Atextauth parameter at /admin/ajax.php...
CVE-2023-51048
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Anewsauth parameter at /admin/ajax.php...