CraigMS 命令注入漏洞

CraigMS is an open source CMS. CraigMS version 1.0 has a security vulnerability that allows an attacker to execute arbitrary commands by entering carefully crafted inputs into the DB Name field...

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2018-26649)

Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A cross-site scripting vulnerability exists in Frog CMS version 0.9.5, which can be exploited by remote...

CVE-2018-20448

Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI...

CVE-2018-20448

Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI...

Design/Logic Flaw

Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI...

CVE-2018-20448

Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI...

Code injection

Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter aka the Database Name field. NOTE: the installation instructions specify deleting admin/install.php...