21 matches found
openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...
EUVD-2025-31437
Malicious code in bioql PyPI...
EUVD-2025-14710
Malicious code in bioql PyPI...
CVE-2025-57205
iNiLabs School Express SMS Express 6.2 is affected by a Stored Cross-Site Scripting XSS vulnerability in the content-management features available to authenticated admin users. The vulnerability resides in POSTed editor parameters submitted to the /posts/edit/id endpoint and similarly in Notice a...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
FoxCMS 安全漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS v1.2.5, which originates from the index method in controllerSitemap.php and allows remote code execution...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-15872)
Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
CVE-2024-10292
A vulnerability was found in ZZCMS 2023 and classified as critical. This issue affects some unknown processing of the file 3/Ebak5.1/upload/ChangeTable.php. The manipulation of the argument savefilename leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...
The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to carry out cross-site scripting attacks...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to carry out cross-site scripting attacks...
The vulnerability of Adobe Experience Manager’s content and media data management system, which exists due to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary JavaScript code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
S-CMS Security Vulnerabilities
S-CMS is a content management system CMS based on PHP and MySQL from China S-CMS Company. A security vulnerability exists in S-CMS v5.0, which originates from an arbitrary file read vulnerability in /WWW/admin/data.php...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
JIZHICMS 跨站请求伪造漏洞
JIZHICMS JIZHICMS is an open source Content Management System CMS from China's JIZHICMS Network Technology Company. A security vulnerability exists in JIZHICMS v2.4.5, which originates from a vulnerability in /Sys/index.html that allows an attacker to arbitrarily change the configuration within t...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...
ED01-CMS SQL注入漏洞
Ed01-Cms is a Cms project in the Udemy course. version 20180505 of ED01-CMS is vulnerable to a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in post.php. An attacker could use this vulnerability to execute illegal SQL commands to steal...
Arbitrary File Deletion Vulnerability in BossCMS
BossCMS is a content management system based on self-developed PHP framework + MySQL architecture. BossCMS has an arbitrary file deletion vulnerability that can be exploited by an attacker to delete arbitrary files...