13 matches found
Exploit for OS Command Injection in Dolibarr Dolibarr_Erp/Crm
CVE-2023-30253 CVE-2023-30253 PoC Description This is my Po...
Code Injection
dolibarr/dolibarr is vulnerable to Code Injection. The vulnerability exists when the CMS Website plugin is enabled, because it does not properly check for different uppercase manipulations of ?php, which allows an attacker to inject and execute arbitrary code into the system...
Silverstripe framework cross-site scripting vulnerability
Silverstripe framework is a CMS web framework. A cross-site scripting vulnerability exists in Silverstripe framework versions 3.0.0 and later and 4.11.1 and earlier, which stems from a lack of effective filtering and escaping of user-supplied data and can be exploited by an attacker to execute...
Garage Management System client.php Cross-Site Scripting Vulnerability
Garage Management System Cms-Website is a garage management system that helps you manage all your vehicles, cars and motorcycles. A cross-site scripting vulnerability exists in Garage Management System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in th...
Garage Management System SQL Injection Vulnerability (CNVD-2022-62232)
Garage Management System Cms-Website is a garage management system. A SQL injection vulnerability exists in Garage Management System v1.0, which stems from a lack of validation of externally entered SQL statements in the id parameter of /print.php. An attacker could use this vulnerability to...
S-CMS enterprise website building system suffers from SQL injection vulnerability (CNVD-2021-41052)
S-CMS enterprise station building system is a specialized enterprise website building product developed by Zibo Shining Network Technology Co., Ltd. The S-CMS enterprise website builder system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive...
Directusv8 Code Issue Vulnerability
Directusv8 is an open source application system from GlobalDirectusv8 that provides a CMS website builder. A security vulnerability exists in versions prior to Directus 8 8.8.2, which can be exploited by attackers to execute arbitrary code...
cms.sig.biz Open Redirect vulnerability
Open Bug Bounty ID: OBB-1146428. Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
Command Execution Vulnerability in the mi***.php File of S-CMS Enterprise Website Builder System
S-CMS enterprise station building system is a specialized enterprise website building product developed by Zibo Shining Network Technology Co., Ltd. A command execution vulnerability exists in the mi.php file of the S-CMS enterprise website builder system; an attacker can use the vulnerabilit...
cms.schoolcenter.com XSS vulnerability
Open Bug Bounty ID: OBB-323721. Affected Website: cms.schoolcenter.com; Vulnerable Application: Custom Code; Vulnerability Type: XSS Cross Site Scripting / CWE-79; CVSSv3 Score: 6.1...
Stored Cross-site Scripting Vulnerability in s-cms Website Builder System
S-CMS is an enterprise website building product developed by Zibo Shining Network Technology Co., Ltd. A stored cross-site scripting vulnerability exists in the S-CMS website builder system. Due to the lack of filtering on the /member/memberreg.asp page, an attacker can launch a...
FOOT Gestion CMS SQL Injection Vulnerability
FOOT Gestion CMS suffers from a remote SQL injection vulnerability. Product: FOOT Gestion; Version: -; Vendor: Winsoft; Vendor site: http://www.footgestion.ch; Status: fixed; Level: High. Description: FOOT Gestion is a soccer team management CMS. The solution is based on a software an...
Family Connections 1.8.2 Arbitrary File Upload
Salvatore "drosophila" Fresta + Application: Family Connection + Version: = 1.8.2 + Website: http://www.familycms.com + Bugs: A Arbitrary File Upload + Exploitation: Remote + Date: 3 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact: e-mail:...