KANATA CMS ALAYA SQL注入漏洞

KANATA CMS ALAYA is a digital content management platform for enterprises developed by KANATA Corporation in Japan. CMS ALAYA has a SQL injection vulnerability. This vulnerability stems from SQL injections, and it could allow attackers with access to the management interface to obtain or modify...

EUVD-2005-4394

Malware in sbrugna...

Design/Logic Flaw

@webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by content managers. This is a react component to render data coming from Webiny Headless CMS and Webiny Form Builder. Webiny is an open-source serverless enterprise CMS. The @webiny/react-rich-text-renderer package depends on the...

Command Execution Vulnerability in Mito Enterprise Website Builder System

Mito enterprise building system is a Changsha Mito Information Technology Co., Ltd. independent research and development of free and open source enterprise-level CMS. A command execution vulnerability exists in Mito Enterprise CMS, which can be exploited by attackers to gain server control...

Arbitrary File Deletion Vulnerability in MLECMS

MLECMS is a PHP MySQL, ASP Access/SQL Server based development , enterprise-oriented , support for multi-language , free , open source CMS, to help business users to quickly build and deploy enterprise-level portal . MLECMS arbitrary file deletion vulnerability , an attacker can use this...

Bluecms suffers from SQL injection vulnerability (CNVD-2020-62376)

bluecms enterprise website is an asp+access for the development of enterprise website cms. Bluecms has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...

Mito cms file inclusion vulnerability

Mito enterprise building system is a Changsha Mito Information Technology Co., Ltd. independent research and development of free and open source enterprise-level CMS. Changsha Mito Information Technology Co., Ltd Mito enterprise website building system has a file inclusion vulnerability, which ca...

Code Execution Vulnerability in SongCMS Backend

SongCMS is a PHP MySQL, ASP Access/SQL Server based development , enterprise-oriented , multi-language support , free , open source CMS, to help business users to quickly build and deploy enterprise-level portal . SongCMS backend code execution vulnerabilities , attackers use the vulnerability to...

S-CMS enterprise website building system backend C_da*** parameter exists SQL injection vulnerability

S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. There is a SQL injection vulnerability in the Cda parameter in the background of S-CMS enterprise website building system. Attackers...

XSS Vulnerability in Fish Leap CMS Frontend at Comments

Fish CMS is a content management system developed by the official Catfish CMS specifically for enterprise applications. An XSS vulnerability exists in the front-end comments of FishCenter CMS, which can be exploited by an attacker to obtain an administrator cookie...

Command execution vulnerability in FrogCMS Pa***.php file

FrogCMS is an enterprise building system CMS based on PHP+Mysql architecture that can run on various server platforms such as Linux, Windows and so on. FrogCMS Pa.php file has a command execution vulnerability that can be exploited by an attacker to gain access to the site permissions and so on...

Remote Code Execution Vulnerability in PHPOK 5.0.003

PHPOK enterprise station system is a set of enterprise station CMS system developed in PHP + MYSQL language. PHPOK5.0.003 has a remote code execution vulnerability that can be exploited by attackers to execute arbitrary code...

S-CMS Enterprise Website Builder System SQL Injection Vulnerability in Frontend co***/fo***.php Page

S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. There is a SQL injection vulnerability in the front co/fo.php page of S-CMS enterprise website builder system. Attackers can use the...

Code Execution Vulnerability in Kolon Enterprise CMS v1.7.3

Kelong Enterprise CMS is a content management system launched by Zhangzhou Kelong Weite Electronic Co. A code execution vulnerability exists in KeLong Enterprise CMS v1.7.3, which can be exploited by attackers to gain control of a web server...

Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection

Product Description Plone is a free and open source content management system built on top of the Zope application server. Plone is positioned as an "Enterprise CMS" and is most commonly used for intranets and as part of the web presence of large organizations Systems Affected Product : Plone...

Libertas Enterprise CMS 3.0 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15950/info Enterprise CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

CVE-2006-5430

Cross-site scripting XSS vulnerability in the search functionality in db-central dbc Enterprise CMS and db-central CMS allows remote attackers to inject arbitrary web script or HTML via the needle parameter. NOTE: the provenance of this information is unknown; the details are obtained from third...

CVE-2005-4399

Cross-site scripting XSS vulnerability in search/index.php in Libertas Enterprise CMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the pagesearch parameter...

CVE-2005-4399

CVE-2005-4399 concerns a cross-site scripting (XSS) vulnerability in Libertas Enterprise CMS, versions 3.0 and earlier. The flaw is in the search/index.php handler and allows remote attackers to inject arbitrary web script or HTML via the page_search parameter. The information available does not ...

Libertas Enterprise CMS 3.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15950/info Enterprise CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the brows...