Lucene search
K

32 matches found

Positive Technologies
Positive Technologies
added 2025/02/06 12:0 a.m.4 views

PT-2025-5840 · Douphp · Douphp

Name of the Vulnerable Software and Affected Versions: DouPHP version 1.8 Release 20231203 Description: The issue allows attackers to execute arbitrary code via a crafted payload injected into the description parameter in "/admin/article.php" API endpoint. This enables attackers to perform...

4.8CVSS7.1AI score0.00326EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/02/06 12:0 a.m.11 views

CVE-2024-57599

Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute arbitrary code via a crafted payload injected into the description parameter in /admin/article.php...

0.00326EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/02/06 12:0 a.m.6 views

CVE-2024-57599

Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute arbitrary code via a crafted payload injected into the description parameter in /admin/article.php...

5.5AI score0.00326EPSS
Exploits1References2
CVE
CVE
added 2025/02/06 12:0 a.m.49 views

CVE-2024-57599

CVE-2024-57599 affects DouPHP v1.8 Release 20231203. The vulnerability arises from improper handling of the description parameter in /admin/article.php, allowing an attacker to inject a crafted payload that leads to cross-site scripting and arbitrary code execution. Affected component: descriptio...

4.8CVSS7.4AI score0.00326EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/08/18 11:15 p.m.6 views

CVE-2024-7917

A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. Affected by this issue is some unknown functionality of the file /admin/system.php of the component Favicon Handler. The manipulation of the argument sitefavicon leads to unrestricted upload. The...

7.2CVSS5.4AI score0.00588EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/05/03 12:0 a.m.6 views

CVE-2023-30205

A stored cross-site scripting XSS vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the uniqueid parameter in /admin/article.php...

5AI score0.00341EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/07 12:0 a.m.3 views

SQL injection vulnerability in DouPHP sn***.php file at Zhangzhou Beanshell Network Technology Co.

DouPHP is a lightweight enterprise website management system based on PHP+Mysql architecture, running on various platforms such as Linux, Windows, MacOSX, Solaris and so on. A SQL injection vulnerability exists in the DouPHP sn.php file of Zhangzhou Beanshell Network Technology Co. Ltd, which can...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/03/12 12:0 a.m.1 views

Logic flaw vulnerability in Douphp lo***.php file

DouPHP is a lightweight enterprise website management system based on PHP+Mysql architecture, running on various platforms such as Linux, Windows, MacOSX, Solaris and so on. A logic flaw vulnerability exists in the Douphp lo.php file. Attackers can capture packets for blasting and obtain sensitiv...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/08/08 12:0 a.m.2 views

Code execution vulnerability exists in DouPHP (CNVD-2019-29926)

DouPHP is a lightweight enterprise website management system based on PHP+Mysql architecture, running on various platforms such as Linux, Windows, MacOSX, Solaris and so on. DouPHP has a code execution vulnerability that can be exploited by attackers to gain control of the web server...

7.8AI score
Exploits0
CNVD
CNVD
added 2018/12/29 12:0 a.m.8 views

DouCo DouPHP Cross-Site Scripting Vulnerability (CNVD-2019-00999)

DouCo DouPHP is a lightweight open source CMS Content Management System based on PHP and MySQL. A cross-site scripting vulnerability exists in admin/article.php?rec=update in DouCo DouPHP version 1.5 20181221. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

4.8CVSS6AI score0.00534EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/29 12:0 a.m.3 views

DouCo DouPHP cross-site scripting vulnerability (CNVD-2019-00997)

DouCo DouPHP is a lightweight open source CMS Content Management System based on PHP and MySQL. A cross-site scripting vulnerability exists in admin/product.php?rec=update in DouCo DouPHP version 1.5 20181221. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

4.8CVSS6AI score0.00534EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/29 12:0 a.m.5 views

DouCo DouPHP Information Disclosure Vulnerability

DouCo DouPHP is a lightweight open source CMS Content Management System based on PHP and MySQL. A security vulnerability exists in DouCo DouPHP version 1.5 20181221. An attacker can exploit the vulnerability to obtain the full path in the error message 'Smarty error: unable to read resource' with...

5.3CVSS6.8AI score0.01289EPSS
Exploits1References1
Rows per page
Query Builder