28 matches found
CVE-2022-38621
Doufox v0.0.4 was discovered to contain a remote code execution RCE vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
EUVD-2025-7549
Malicious code in bioql PyPI...
EUVD-2022-45322
Malicious code in bioql PyPI...
CVE-2022-42246
Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account...
CVE-2025-2215
A vulnerability classified as critical was found in Doufox up to 0.2.0. Affected by this vulnerability is an unknown functionality of the file /?s=doudou=file=list. The manipulation of the argument dir leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to...
CVE-2025-2215
A vulnerability classified as critical was found in Doufox up to 0.2.0. Affected by this vulnerability is an unknown functionality of the file /?s=doudou&c=file&a=list. The manipulation of the argument dir leads to path traversal. The attack can be launched remotely. The exploit has been disclose...
CVE-2025-2215 Doufox s=doudou path traversal
A vulnerability classified as critical was found in Doufox up to 0.2.0. Affected by this vulnerability is an unknown functionality of the file /?s=doudou&c=file&a=list. The manipulation of the argument dir leads to path traversal. The attack can be launched remotely. The exploit has been disclose...
CVE-2025-2215 Doufox s=doudou path traversal
A vulnerability classified as critical was found in Doufox up to 0.2.0. Affected by this vulnerability is an unknown functionality of the file /?s=doudou&c=file&a=list. The manipulation of the argument dir leads to path traversal. The attack can be launched remotely. The exploit has been disclose...
CVE-2025-2215
CVE-2025-2215 concerns a path traversal vulnerability in Doufox up to version 0.2.0. The issue affects an unknown functionality accessed via the query path containing /?s=doudou&c=file&a=list, where manipulating the dir parameter allows traversal of the filesystem. The vulnerability can be exploi...
Doufox 路径遍历漏洞
Doufox is a powerful CMS based on PHP and MySQL open source by Crogram Doufox. Path traversal vulnerability exists in Doufox 0.2.0 and previous versions, the vulnerability stems from the wrong operation of the parameter dir can lead to path traversal attacks...
Doufox Arbitrary File Upload (CVE-2022-38621)
An arbitrary file upload vulnerability exists in Doufox. Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the vulnerable system with administrative privileges...
Doufox Cross-Site Request Forgery Vulnerability
Doufox is an open source PHP and MySQL-based powerful CMS website builder. version 0.0.4 of Doufox is vulnerable to cross-site request forgery, which stems from a WEB application that does not sufficiently validate that the request is from a trusted user. An attacker could use this vulnerability ...
CVE-2022-42246
Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account...
CVE-2022-42246
Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account...
Cross site request forgery (csrf)
Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account...
CVE-2022-42246
Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account...
Doufox 跨站请求伪造漏洞
Doufox is an open source PHP and MySQL-based powerful CMS website builder. version 0.0.4 of Doufox is vulnerable to cross-site request forgery, which stems from a WEB application that does not sufficiently validate that the request is from a trusted user. An attacker could use this vulnerability ...
CVE-2022-42246
Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account...
CVE-2022-42246
Doufox 0.0.4 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that can be exploited to add a system administrator account. The root cause, as described in the sources, is insufficient validation of requests from trusted users in the web application. Practical impact is that an att...
PT-2022-26331 · Doufox · Doufox
Name of the Vulnerable Software and Affected Versions: Doufox version 0.0.4 Description: The issue is related to a CSRF vulnerability that can be exploited to add a system administrator account. Recommendations: For Doufox version 0.0.4, consider implementing CSRF protection mechanisms, such as...