6 matches found
CwCMS suffers from SQL injection vulnerability
CwCMS is a customized ASP+Access/MsSql content management system specifically designed for corporate websites. CwCMS suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
CWCMS of Henan Netflag Pioneer Network Technology Co., Ltd. suffers from universal password login vulnerability
CWCMS is a set of customized ASP+Access/MsSql program specially designed for corporate websites. Henan Netflag Pioneer Network Technology Co., Ltd CWCMS has a universal password login vulnerability. An attacker can use this vulnerability to obtain sensitive information...
CwCms v1.8_asp Exists SQL Injection Vulnerability
CwCMS is a customized ASP+Access/MsSql content management system specifically designed for corporate websites. CwCms v1.8asp suffers from a SQL injection vulnerability. The vulnerability stems from the program does not strictly filter parameters. An attacker can exploit this vulnerability to obta...
CVE-2018-8972
Creditwest Bank CMS Project (CWCMS) prior to 2017-07-28 contains a cross-site request forgery (CSRF) vulnerability in the Website Configuration Update feature. This CSRF flaw enables an attacker to inject arbitrary PHP code, demonstrated by a PHP shell that calls eval on request parameters. Affec...
Code Execution Vulnerability in CwCms v1.8
CwCMS is a customized ASP+Access/MsSql content management system specifically designed for corporate websites. A code execution vulnerability exists in CwCms v1.8, which is due to the system failing to effectively filter input parameters. An attacker can exploit this vulnerability to upload a...
Multiple Vulnerabilities in CwCMS v1.0
CwCMS is an enterprise website management system. CwCMS v1.0 has SQL injection and file upload vulnerabilities in several files, which can be exploited by attackers to obtain sensitive information from the database and gain administrative privileges on the server...