8 matches found
EUVD-2025-201188
A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1 of the component Add Data Validation Page. The manipulation of the argument dataname leads to...
CVE-2025-14006
A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1 of the component Add Data Validation Page. The manipulation of the argument dataname leads to...
CVE-2025-14006
CVE-2025-14006 affects dayrui XunRuiCMS up to version 4.7.1. The vulnerability lies in the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1, where manipulating the argument data[name] enables cross-site scripting. The issue is exploitable remotely and the public exploit has been ...
xunruicms 代码注入漏洞
xunruicms is a website builder framework for individual developers of XunRuiCMS. A code injection vulnerability exists in xunruicms 4.7.1 and earlier versions, which stems from incorrect manipulation of the parameter dataname in the file /admind45f74adbd95.php, and could lead to cross-site...
PT-2025-49028
Name of the Vulnerable Software and Affected Versions dayrui XunRuiCMS versions up to 4.7.1 Description A security issue exists in dayrui XunRuiCMS. The issue is related to cross site scripting, potentially allowing remote attacks. The manipulation of the dataname argument in the file...
xunruicms 跨站脚本漏洞
xunruicms is a website builder framework for individual developers of XunRuiCMS. A code injection vulnerability exists in xunruicms 4.7.1 and earlier versions, which stems from incorrect manipulation of the parameter dataname in the file /admind45f74adbd95.php, and could lead to cross-site...
CVE-2025-41033
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BPage%5D%5Bname%5D' parameter in /apprain/page/manage-dynamic-pages/create...
appRain CMF SQL注入漏洞
appRain CMF is a content management framework. appRain CMF suffers from an SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BPage%5D%5Bname%5D parameter of /apprain/page/manage-static-pages/create. An attacker could use this...