CICMS V2.1 18013 has xss vulnerability

CICMS system is developed by php+mysql, based on CodeIgniter, and is mainly used for enterprise building. CICMS V2.1 18013 has an xss vulnerability, which can be exploited by attackers to execute arbitrary JavaScript code...

DiliCMS Cross-Site Scripting Vulnerability (CNVD-2019-17480)

DiliCMS is a rapid development content management system based on CodeIgniter. DiliCMS has a cross-site scripting vulnerability that can be exploited to inject web scripts and obtain sensitive information via the attachmenturl parameter of admin/index.php/setting/site?tab=siteattachment...

Code Execution Vulnerability in POCMS Program Version v3.2.0 Backend

POSCMS System is a content management system based on the CodeIgniter framework. A code execution vulnerability exists in the backend of POCMS program version v3.2.0, which can be exploited by an attacker to execute code and thus gain control of the server...

FS Lynda Clone SQL Injection Vulnerability

FS Lynda Clone is a set of scripts for video learning websites written using the PHP Codelgniter framework. A SQL injection vulnerability exists in FS Lynda Clone version 1.0. A remote attacker can exploit the vulnerability by sending the 'keywords' parameter to tutorial/ to inject SQL commands...

FS Shutterstock Clone SQL Injection Vulnerability

FS Shutterstock Clone is a set of scripts for sharing media content online using the PHP CodeIgniter framework. The script supports online sharing of media content such as images, videos and music. A SQL injection vulnerability exists in FS Shutterstock Clone version 1.0. A remote attacker can...

FS Foodpanda Clone SQL Injection Vulnerability

FS Foodpanda Clone is a set of online food trading website scripts written using the PHP CodeIgniter framework. A SQL injection vulnerability exists in FS Foodpanda Clone version 1.0. A remote attacker can exploit this vulnerability to inject SQL commands...

CICMS V2.1 suffers from sql injection vulnerability

CICMS system is developed by php+mysql, based on CodeIgniter, and is mainly used for enterprise building. CICMS V2.1 suffers from a sql injection vulnerability. An attacker can exploit this vulnerability to obtain the server's password...

PHPback Cross Site Scripting / SQL Injection

Exploit Title :PHPback alertdocument.cookie; in title parameter title="alertdocument.location; SQLI Screenshot https://cloud.githubusercontent.com/assets/10351062/14776703/c9440524-0ae5-11e6-9240-a37a685a72b1.png XSS screenshot https://cloud.githubusercontent.com/as...

PHPBack 1.3.1 - SQL Injection Cross-Site Scripting

PHPBack 1.3.1 - SQL Injection Cross-Site Scripting Exploit Title :PHPback alertdocument.cookie; in title parameter title="alertdocument.location; SQLI Screenshot https://cloud.githubusercontent.com/assets/10351062/14776703/c9440524-0ae5-11e6-9240-a37a685a72b1.png XSS screenshot...

FineCMS Enterprise Email Parameter SQL Injection Vulnerability

FineCMS is a small and medium-sized content management system based on PHP+MySql+CI framework. An SQL injection vulnerability exists in the email parameter of FineCMS Enterprise Edition, as the program fails to adequately filter the email parameter, allowing attackers to exploit the vulnerability...