CVE-2026-1136

A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Affected is the function Save of the file /blog/bContent/save of the component ContentController. This manipulation of the argument content/author/title causes cross site scripting. Remote exploitatio...

CVE-2026-1136

The CVE-2026-1136 entry concerns a cross-site scripting (XSS) vulnerability in the lcg0124 BootDo product, specifically in the ContentController Save function (file path: /blog/bContent/save). The issue arises from manipulating the content/author/title argument, enabling XSS and enabling remote e...

CVE-2019-8422

A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php...

finecms SQL injection vulnerability (CNVD-2017-28415)

FineCMS is a website building system based on PHP+MySql+CI framework. A SQL injection vulnerability exists in the controllersmemberContentController.php page in Finecms, which can be exploited by remote attackers to manipulate the website database...

CVE-2017-12774

finecms in 1.9.5\controllers\member\ContentController.php allows remote attackers to operate website database...

CVE-2017-12774

finecms in 1.9.5\controllers\member\ContentController.php allows remote attackers to operate website database...