Security Bulletin: Enterprise Content Managemant System Monitor for March 2026 - multiple CVEs

Summary Enterprise Content Management System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

Security Bulletin: Enterprise Content Managemant System Monitor for December 2025 - multiple CVEs

Summary Enterprise Content Management System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

Security Bulletin: Enterprise Content Managemant System Monitor for July 2025 - multiple CVEs

Summary Enterprise Content Management System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

CVE-2023-50959

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-0013046)

Adobe Experience Manager is an enterprise-class content management solution from Adobe. Adobe Experience Manager suffers from a cross-site scripting vulnerability that stems from a DOM-based cross-site scripting vulnerability, for which no detailed vulnerability details have been provided...

CVE-2024-32643 Masa CMS vulnerable to authentication bypass with /tag/

Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8, 7.3.13, and 7.4.6, if the URL to the page is modified to include a /tag/ declaration, the CMS will render the page regardless of group restrictions. This vulnerability is fixed in 7.2.8, 7.3.13, and 7.4.6...

EUVD-2020-5154

Malware in sbrugna...

EUVD-2014-7868

Malware in sbrugna...

EUVD-2023-55688

Malicious code in bioql PyPI...

CVE-2025-3571

A vulnerability was found in Fannuo Enterprise Content Management System 凡诺企业网站管理系统 1.1/4.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/cmschip.php. The manipulation of the argument del leads to sql injection. The attack can be initiated remotely...

CVE-2025-3571 Fannuo Enterprise Content Management System 凡诺企业网站管理系统 cms_chip.php sql injection

A vulnerability was found in Fannuo Enterprise Content Management System 凡诺企业网站管理系统 1.1/4.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/cmschip.php. The manipulation of the argument del leads to sql injection. The attack can be initiated remotely...

Fannuo Enterprise Content Management System 安全漏洞

Fannuo Enterprise Content Management System is a content management system from Fannuo, China. A security vulnerability exists in Fannuo Enterprise Content Management System version 1.1 and 4.0, which originates from an improper operation of the parameter del in the file admin/cmschip.php, which...

Security Bulletin: Apache uimaj-core.jar security vulnerability CVE-2017-15691

Summary Apache uimaj-core.jar security vulnerability CVE-2017-15691 in FileNet Content Manager FNCM Content Search Services CSS/Enterprise Content Management Text Search ECMTS. CSS/ECMTS is affected and is potentially vulnerable. Vulnerability Details CVEID:CVE-2017-15691 DESCRIPTION: Apache uima...

IBM Cloud Pak for Business Automation Access Control Error Vulnerability (CNVD-2024-16917)

IBM Cloud Pak for Business Automation is a modular set of integrated software components from International Business Machines IBM, built for any hybrid cloud, designed to automate work and accelerate business growth. An access control error vulnerability exists in IBM Cloud Pak for Business...

CVE-2023-50959

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to...

CVE-2023-50959 IBM Cloud Pak for Business Automation information disclosure

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to...

CVE-2023-50959 IBM Cloud Pak for Business Automation information disclosure

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to...

Security Bulletin: Enterprise Content Manager System Monitor For March 2024 - Multiple CVE adressed

Summary Enterprise Content Manager System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in Oracle Java SE

Summary There is a vulnerability in Oracle Java SE used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle...

YFCMF 安全漏洞

YFCMF is a software application. It provides a lightweight enterprise website management system. A security vulnerability exists in YFCMF before 3.0.4, which stems from unknown code in index.php that causes path traversal...