25 matches found
CVE-2023-46378
Stored Cross Site Scripting XSS vulnerability in MiniCMS 1.1.1 allows attackers to run arbitrary code via crafted string appended to /mc-admin/conf.php...
Cross site scripting
Stored Cross Site Scripting XSS vulnerability in MiniCMS 1.1.1 allows attackers to run arbitrary code via crafted string appended to /mc-admin/conf.php...
CVE-2023-46378
Stored Cross Site Scripting XSS vulnerability in MiniCMS 1.1.1 allows attackers to run arbitrary code via crafted string appended to /mc-admin/conf.php...
CVE-2022-24677
Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php...
Remote code execution
Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php...
CVE-2022-24677
Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php...
CVE-2014-5085
A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider Plus, but do not exist in either Sphider or Sphider Pro...
CVE-2014-5085
A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider Plus, but do not exist in either Sphider or Sphider Pro...
CVE-2014-5085
CVE-2014-5085 affects Sphider Plus 3.2, where insufficient sanitization of fwrite to conf.php allows a remote attacker to execute arbitrary code. The vulnerability is specific to Sphider Plus and does not exist in Sphider or Sphider Pro. The provided documents do not specify any remediation or pa...
CVE-2014-5086
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist...
CVE-2019-13341
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...
Cross site scripting
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...
CVE-2019-13341
MiniCMS v1.10 contains a stored XSS in mc-admin/conf.php (comment box). The vulnerability arises from insufficient input validation of client-side data, enabling an attacker to steal a user’s cookie. The affected product is MiniCMS 1.10; no patch/version remediation details are provided in the su...
CVE-2018-10227
CVE-2018-10227 affects MiniCMS v1.10. The vulnerability is an XSS flaw in the mc-admin/conf.php site_link parameter, allowing an attacker to inject script through that parameter to execute commands in the user context. No remediation details are provided in the supplied documents. Exploitation st...
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
Cross site request forgery (csrf)
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
Code injection
Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the wordupperbound parameter...
Sphider Script 1.3.x Command Execution
======================================================================= Sphider Script Remote Code Execution ======================================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ ...
Sphider Script - Remote Code Execution
Sphider Script - Remote Code Execution ======================================================================= Sphider Script Remote Code Execution ======================================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 ...