CVE-2024-58307

CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view functionality that allows authenticated attackers to manipulate database queries. Attackers can inject malicious SQL code through the view parameter to potentially execute time-based blind SQL injection attacks...

CVE-2024-58307 CSZCMS 1.3.0 Authenticated SQL Injection via Members View Endpoint

CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view functionality that allows authenticated attackers to manipulate database queries. Attackers can inject malicious SQL code through the view parameter to potentially execute time-based blind SQL injection attacks...

CVE-2024-58307 CSZCMS 1.3.0 Authenticated SQL Injection via Members View Endpoint

CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view functionality that allows authenticated attackers to manipulate database queries. Attackers can inject malicious SQL code through the view parameter to potentially execute time-based blind SQL injection attacks...

CSZCMS SQL注入漏洞

CSZCMS is an open source web application by Cskaza Bassist Individual Developer that allows to manage all content and settings on a website. A SQL injection vulnerability exists in CSZCMS version 1.3.0, which stems from a SQL injection in the member view feature that could lead to the extraction ...

EUVD-2021-26563

Malware in sbrugna...

EUVD-2020-23714

Malware in sbrugna...

EUVD-2023-45936

Malicious code in bioql PyPI...

EUVD-2023-38600

Malicious code in bioql PyPI...

EUVD-2022-33427

Malicious code in bioql PyPI...

EUVD-2023-58545

Malicious code in bioql PyPI...

EUVD-2021-33060

Malicious code in bioql PyPI...

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

CVE-2023-34545

A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to run arbitrary SQL commands via p parameter or the search URL...

CVE-2022-28997

CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery SSRF which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/...

CVE-2021-3224

A stored cross-site scripting XSS vulnerability in cszcms 1.2.9 exists in /admin/pages/new via the content parameter...

CVE-2021-46377

There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.phpviewUser...

CVE-2020-36136

SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pmsendmail parameter in cszmodel.php...

CSZCMS v1.3.0 - SQL Injection (Authenticated)

Title: CSZCMS v1.3.0 - SQL Injection Authenticated Author: Abdulaziz Almetairy Date: 27/01/2024 Vendor: https://www.cszcms.com/ Software: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.3.0.zip/download Reference: https://github.com/oh-az Tested on: Windows 11, MySQL, Apache 1 - L...

CSZCMS 1.3.0 SQL Injection Vulnerability

Title: CSZCMS v1.3.0 - SQL Injection Author: Abdulaziz Almetairy Vendor: https://www.cszcms.com/ Software: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.3.0.zip/download Reference: https://github.com/oh-az Tested on: Windows 11, MySQL, Apache 1 - Log in to the admin portal...

CSZCMS 1.3.0 SQL Injection

Title: CSZCMS v1.3.0 - SQL Injection Author: Abdulaziz Almetairy Date: 27/01/2024 Vendor: https://www.cszcms.com/ Software: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.3.0.zip/download Reference: https://github.com/oh-az Tested on: Windows 11, MySQL, Apache 1 - Log in to the...