60 matches found
EUVD-2020-18241
Malware in sbrugna...
EUVD-2021-23250
Malware in sbrugna...
EUVD-2020-7587
Malware in sbrugna...
EUVD-2018-7441
Malware in sbrugna...
EUVD-2020-18223
Malware in sbrugna...
EUVD-2021-28044
Malicious code in bioql PyPI...
CVE-2021-36654
CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter tgo while updating the theme...
CVE-2020-15600
An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password...
CMSUno Remote Code Execution (CVE-2021-40889)
A remote code execution vulnerability exists in CMSUno. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2021-40889
CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. sauvePass action in webroot/uno/central.php file calls to fileputcontents function to write username in password.php file when a user successfully changed their password. The attacker can inject malicious PHP code into...
CVE-2021-40889
CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. sauvePass action in webroot/uno/central.php file calls to fileputcontents function to write username in password.php file when a user successfully changed their password. The attacker can inject malicious PHP code into...
Remote code execution
CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. sauvePass action in webroot/uno/central.php file calls to fileputcontents function to write username in password.php file when a user successfully changed their password. The attacker can inject malicious PHP code into...
CVE-2021-40889
CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. sauvePass action in webroot/uno/central.php file calls to fileputcontents function to write username in password.php file when a user successfully changed their password. The attacker can inject malicious PHP code into...
CVE-2021-40889
CMSUno 1.7.2 is affected by a PHP code execution vulnerability. The sauvePass action in {webroot}/uno/central.php writes the username to password.php via file_put_contents() after a password change, allowing an attacker to inject PHP code into password.php and trigger code execution through login...
CMSUno 代码注入漏洞
CMSUno is a tool for creating single-page responsive websites from the French individual developer Jacques Malgrange. A security vulnerability exists in CMSUno version 1.7.2, which stems from the software being affected by a PHP code execution vulnerability. When a user successfully changes their...
CMSuno 1.7 - (tgo) Stored Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno version 1.7 and prior ...
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Date: 03-08-2021 Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno versi...
CMSuno 1.7 Cross Site Scripting
Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Date: 03-08-2021 Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno versi...
CVE-2021-36654
CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter tgo while updating the theme...
CVE-2021-36654
CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter tgo while updating the theme...