32 matches found
EUVD-2018-9822
Malware in sbrugna...
EUVD-2018-9821
Malware in sbrugna...
Duomi (DuomiCms) film and television management system has unauthorized access vulnerabilities
Duomi DuomiCms film and television management system is a set of video on demand system designed for film and television station owners, using PHP + MYSQL architecture, native PHP code to bring excellent access speed and load capacity. Duomi DuomiCms Movie and TV Management System has an...
SQL Injection Vulnerability in DuomiCms Backend
Duomi DuomiCms film and television management system is a set of video on demand system designed for film and television station owners, using PHP + MYSQL architecture, native PHP code to bring excellent access speed and load capacity. DuomiCms backend has SQL injection vulnerability, attackers c...
Duomicms x3.0_UTF8_Official version of the front-end SQL injection vulnerability
DuomiCms is a video-on-demand system designed for movie and TV station owners. Duomicms x3.0UTF8official version of the front end of the vi.php file there is a SQL injection vulnerability, attackers can exploit the vulnerability to obtain database sensitive information...
CVE-2018-18083
An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing...
CVE-2018-18084
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter...
Sql injection
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter...
CVE-2018-18083
An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing...
CVE-2018-18083
CVE-2018-18083 affects DuomiCMS 3.0. Affected component: search.php, where the parameter searchword is processed and unsafely uses eval during if processing, enabling remote PHP code execution. This yields high/severe impact (NVD CVSS3: 9.8, CRITICAL; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Exploit...
CVE-2018-18084
CVE-2018-18084 affects DuomiCMS 3.0. A SQL injection exists in the ajax.php file, demonstrated by the uid parameter. The issue is rated with CVSS v3.1: base score 9.8 (CRITICAL), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network attack needs no authentication or user interac...
CVE-2018-18084
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter...
CVE-2018-18083
An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing...
DuomiCMS前台SQL注入
...
duomicms前台全局变量覆盖导致getshell
...
Duomi (DuomiCms) Movie Management System X3.0 version of the existing code execution vulnerabilities
Duomi DuomiCms Movie and TV management system is a set of video on demand system designed for different needs of webmasters. Duomi DuomiCms Movie and TV Management System X3.0 version of the code execution vulnerability, an attacker can exploit the vulnerability to execute arbitrary code...
SQL injection vulnerability in DuomiCms X3.0 background admin_collect.php page
DuomiCms is a video-on-demand system designed for film and television station owners. There is a SQL injection vulnerability in the admincollect.php page of DuomiCms X3.0 backend. An attacker can exploit the vulnerability to obtain sensitive database information...
DuomiCms x3.0 frontend duomiphp/ajax.php file has SQL injection vulnerability
DuomiCms is a video-on-demand system designed for film and television station owners. DuomiCms x3.0 frontend duomiphp/ajax.php file has SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in DuomiCms x3.0 Frontend
DuomiCms is a video-on-demand system designed for film and television station owners. SQL injection vulnerability exists in DuomiCms x3.0 frontend. An attacker can exploit the vulnerability to obtain sensitive database information...
Code execution vulnerability in DuomiCms x3.0 (CNVD-2018-03672)
DuomiCms is a video-on-demand system designed for film and television station owners. A code execution vulnerability exists in the admin/adminweixin.php file in DuomiCms x3.0 due to the system failing to effectively filter input parameters. An attacker can exploit this vulnerability to obtain a...