36429 matches found
CVE-2025-15148 CmsEasy Backend Template Management template_admin.php savetemp_action code injection
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing a manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
CVE-2025-15148
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing a manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
CVE-2025-15148
CmsEasy up to 7.7.7 is affected by a code-injection flaw in the savetemp_action function of /lib/admin/template_admin.php in the Backend Template Management Page. Manipulating the content/tempdata argument can enable remote code execution, and an exploit has been published. The vendor has not res...
EUVD-2025-205503
A vulnerability has been found in shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. This issue affects the function addPost of the file Application/Admin/Controller/FileManageController.class.php of the component Administrative Panel. The manipulation leads to code injection. The attac...
CVE-2025-15130
A vulnerability has been found in shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. This issue affects the function addPost of the file Application/Admin/Controller/FileManageController.class.php of the component Administrative Panel. The manipulation leads to code injection. The attac...
CVE-2025-15130 shanyu SyCms Administrative Panel FileManageController.class.php addPost code injection
A vulnerability has been found in shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. This issue affects the function addPost of the file Application/Admin/Controller/FileManageController.class.php of the component Administrative Panel. The manipulation leads to code injection. The attac...
CVE-2025-15130
The CVE-2025-15130 entry affects shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. The vulnerability resides in the Administrative Panel’s Function addPost in Application/Admin/Controller/FileManageController.class.php, enabling remote code injection. Multiple sources corroborate the i...
CVE-2025-15130 shanyu SyCms Administrative Panel FileManageController.class.php addPost code injection
A vulnerability has been found in shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. This issue affects the function addPost of the file Application/Admin/Controller/FileManageController.class.php of the component Administrative Panel. The manipulation leads to code injection. The attac...
EUVD-2025-205502
A flaw has been found in ChenJinchuang Lin-CMS-TP5 up to 0.3.3. This vulnerability affects the function Upload of the file application/lib/file/LocalUploader.php of the component File Upload Handler. Executing manipulation of the argument File can lead to code injection. The attack can be execute...
CVE-2025-15129
A flaw has been found in ChenJinchuang Lin-CMS-TP5 up to 0.3.3. This vulnerability affects the function Upload of the file application/lib/file/LocalUploader.php of the component File Upload Handler. Executing manipulation of the argument File can lead to code injection. The attack can be execute...
CVE-2025-15129
A flaw has been found in ChenJinchuang Lin-CMS-TP5 up to 0.3.3. This vulnerability affects the function Upload of the file application/lib/file/LocalUploader.php of the component File Upload Handler. Executing manipulation of the argument File can lead to code injection. The attack can be execute...
CVE-2025-15129 ChenJinchuang Lin-CMS-TP5 File Upload LocalUploader.php upload code injection
A flaw has been found in ChenJinchuang Lin-CMS-TP5 up to 0.3.3. This vulnerability affects the function Upload of the file application/lib/file/LocalUploader.php of the component File Upload Handler. Executing manipulation of the argument File can lead to code injection. The attack can be execute...
CVE-2025-15129
ChenJinchuang Lin-CMS-TP5
CVE-2025-15129 ChenJinchuang Lin-CMS-TP5 File Upload LocalUploader.php upload code injection
A flaw has been found in ChenJinchuang Lin-CMS-TP5 up to 0.3.3. This vulnerability affects the function Upload of the file application/lib/file/LocalUploader.php of the component File Upload Handler. Executing manipulation of the argument File can lead to code injection. The attack can be execute...
PT-2025-53663
Name of the Vulnerable Software and Affected Versions CmsEasy versions through 7.7.7 Description A flaw exists in CmsEasy that allows for code injection. The issue is located in the savetemp action function within the /lib/admin/template admin.php library of the Backend Template Management Page...
HOMEECMS 代码注入漏洞
HOMEECMS is an e-commerce site builder system by tgywatalive individual developer. HOMEECMS b59d7feaa9094234e8aa6c8c6b290621ca575ded and previous versions of the code injection vulnerability, the vulnerability stems from the parameter productName in the file...
PT-2025-53645
Name of the Vulnerable Software and Affected Versions shanyu SyCms versions up to a242ef2d194e8bb249dc175e7c49f2c1673ec921 Description A code injection issue exists in shanyu SyCms. The issue is located in the addPost function within the Application/Admin/Controller/FileManageController.class.php...
XunRuiCMS 跨站脚本漏洞
XunRuiCMS XunRuiCMS is a content management system for individual developers of XunRuiCMS. A code injection vulnerability exists in XunRuiCMS 4.7.1 and earlier versions, which originates from the incorrect operation of the parameter callback in the file /dayrui/Fcms/Init.php, which may lead to...
Lin-CMS-TP5 代码注入漏洞
Lin-CMS-TP5 is a content management system by ChenJinchuang's personal developer. A code injection vulnerability exists in Lin-CMS-TP5 0.3.3 and earlier versions, which originates from the incorrect operation of the parameter File in the file application/lib/file/LocalUploader.php, which may lead...
CacheCloud 代码注入漏洞
CacheCloud is a Redis cloud management platform open-sourced by SohuTV. A code injection vulnerability exists in CacheCloud 3.2.0 and earlier versions, which originates from a misbehavior of the function doTotalList in the file src/main/java/com/sohu/cache/web/controller/TotalManageController.jav...