43672 matches found
CVE-2021-47918 Simple CMS 2.1 SQL Injection Vulnerability via Users Module
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...
CVE-2021-47917 Simple CMS 2.1 Persistent Cross-Site Scripting via User Input Parameters
Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading...
CVE-2021-47917 Simple CMS 2.1 Persistent Cross-Site Scripting via User Input Parameters
Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading...
CVE-2021-47919
CVE-2021-47919 affects Simple CMS 2.1. The vulnerability is a non-persistent cross-site scripting (XSS) flaw in the preview.php file’s id parameter, exploitable via a GET request. Attackers can inject malicious script code to execute in the context of authenticated users, with potential consequen...
CVE-2021-47919 Simple CMS 2.1 Non-Persistent Cross-Site Scripting via Preview Parameter
Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks...
CVE-2021-47916
The EUVD entry EUVD-2021-34755 documents a vulnerability in Simple CMS 2.1: a remote SQL injection that lets an attacker inject unvalidated SQL via the users module, exploiting unvalidated input in admin.php to compromise the database management system and the web application. The connected docum...
CVE-2021-47916
...
EUVD-2021-34755
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...
Exploit for CVE-2025-2304
CVE-2025-2304 - Camaleon CMS Privilege Escalation This reposi...
Exploit for CVE-2025-2304
CVE-2025-2304 Exploit Camaleon CMS Vulnerable to Privilege Es...
Exploit for CVE-2025-2304
CVE-2025-230...
Exploit for Path Traversal in Tuzitio Camaleon_Cms
CVE-2024-46987 - Camaleon CMS Authenticated Arbitrary File Rea...
Exploit for CVE-2025-2304
Camaleon CMS -p Arguments - -t, --target Base t...
Simple CMS 跨站脚本漏洞
Simple CMS is an open-source content management system developed using Simple PHPScripts. Version 2.1 of Simple CMS has a cross-site scripting vulnerability. This vulnerability stems from the id parameter in the preview.php file, which allows for the execution of arbitrary scripts...
PT-2026-5564
Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks...
Simple CMS SQL注入漏洞
Simple CMS is an open-source content management system developed using Simple PHP scripts. Version 2.1 of Simple CMS has a SQL injection vulnerability, which stems from unvalidated input parameters in the admin.php file, potentially leading to SQL injection attacks...
Simple CMS 跨站脚本漏洞
Simple CMS is an open-source content management system developed using Simple PHPScripts. Version 2.1 of Simple CMS has a cross-site scripting vulnerability. This vulnerability stems from persistent cross-site scripting vulnerabilities in user input parameters, which could allow remote attackers ...
Exploit for CVE-2025-2304
CVE-2025-2304-POC Manual poc for CVE-2025-2304: Camaleon CMS...
Malicious code in roots-cms-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9670a58bdf8573b9c7d94a74cf58593a55692bfcf33d931693680389b981f89c The package roots-cms-client was found to contain malicious code. Source: ghsa-malware 88007d193d64ac8d7a2a970903353601b1f620a48f22c3cd3c7a838da0cce4...
MAL-2026-617 Malicious code in roots-cms-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9670a58bdf8573b9c7d94a74cf58593a55692bfcf33d931693680389b981f89c The package roots-cms-client was found to contain malicious code. Source: ghsa-malware 88007d193d64ac8d7a2a970903353601b1f620a48f22c3cd3c7a838da0cce4...