20 matches found
EUVD-2020-20578
Malware in sbrugna...
EUVD-2020-23023
Malware in sbrugna...
EUVD-2020-21625
Malware in sbrugna...
EUVD-2021-29925
Malicious code in bioql PyPI...
CVE-2021-42970
Cross Site Scripting XSS vulnerability exists in cxuucms v3 via the imgurl of /feedback/post/ content parameter...
CVE-2020-35346
CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter of admin.php?c=content=add...
CVE-2020-35347
CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser=add...
CVE-2020-29250
CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php...
CVE-2020-29249
CXUUCMS V3 allows class="layui-input" XSS...
CVE-2021-42970
Cross Site Scripting XSS vulnerability exists in cxuucms v3 via the imgurl of /feedback/post/ content parameter...
Cross site scripting
Cross Site Scripting XSS vulnerability exists in cxuucms v3 via the imgurl of /feedback/post/ content parameter...
CVE-2021-42970
CXUUCMS v3 is affected by a Cross Site Scripting (XSS) vulnerability via the imgurl field in the /feedback/post/ content parameter. The root cause is unsafely handled user input in the imgurl parameter, enabling script injection visible to other users. According to the cited references, this is a...
CVE-2020-29250
CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php...
CVE-2020-29249
CXUUCMS V3 allows class="layui-input" XSS...
Design/Logic Flaw
CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php...
Cross site scripting
CXUUCMS V3 allows class="layui-input" XSS...
CVE-2020-29250
CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php...
CVE-2020-29249
CXUUCMS V3 allows class="layui-input" XSS...
CVE-2020-35347
CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser&a=add...
Sql injection
cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php...