EUVD-2022-39278

Malicious code in bioql PyPI...

CVE-2022-36572

Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution RCE vulnerability via the component /upload/admin.php?/deal/...

CVE-2021-37270

There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain the background administrator authority...

PHPOK Security Vulnerability

PHPOK is an enterprise website builder system that supports extensions. A security vulnerability exists in PHPOK version 6.4.003, which originates from the presence of a cross-site scripting XSS vulnerability...

Authentication flaw

A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and classified as critical. Affected by this vulnerability is the function dmlogin of the file indexDMload.php of the component Cookie Handler. The manipulation of the argument isadmin with the input y...

CVE-2024-1817 Demososo DM Enterprise Website Building System Cookie indexDM_load.php dmlogin improper authentication

A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and classified as critical. Affected by this vulnerability is the function dmlogin of the file indexDMload.php of the component Cookie Handler. The manipulation of the argument isadmin with the input y...

CVE-2024-1817 Demososo DM Enterprise Website Building System Cookie indexDM_load.php dmlogin improper authentication

A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and classified as critical. Affected by this vulnerability is the function dmlogin of the file indexDMload.php of the component Cookie Handler. The manipulation of the argument isadmin with the input y...

CVE-2024-1817

The CVE-2024-1817 entry concerns Demososo DM Enterprise Website Building System (versions up to 2022.8) with a Cookie Handler flaw in function dmlogin (indexDM_load.php). The root cause is improper authentication due to manipulating the is_admin argument (input y), allowing remote exploitation. P...

PHPOK 安全漏洞

PHPOK is an enterprise website builder with extended support. A security vulnerability exists in PHPOK v6.3 that stems from the presence of a Remote Code Execution RCE vulnerability...

EARCLINK ESPCMS 安全漏洞

Honghu Erchuang Netlink Information Technology EARCLINK ESPCMS is an enterprise website building system from Honghu Erchuang Netlink Information Technology, China. A security vulnerability exists in EARCLINK ESPCMS version P8.21120101, which originated from the discovery of a remote code executio...

CVE-2022-36572

Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution RCE vulnerability via the component /upload/admin.php?/deal/...

Remote code execution

Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution RCE vulnerability via the component /upload/admin.php?/deal/...

CVE-2022-36572

Sinsiu Sinsiu Enterprise Website System v1.1.1.0 is affected by CVE-2022-36572, a remote code execution (RCE) vulnerability exploitable via the component /upload/admin.php?/deal/. The PT-2022-23479 advisory confirms an RCE impact and notes there is no available patch/version with a fix, recommend...

CVE-2022-36572

Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution RCE vulnerability via the component /upload/admin.php?/deal/...

PT-2022-23479 · Sinsiu · Sinsiu Enterprise Website System

Name of the Vulnerable Software and Affected Versions: Sinsiu Sinsiu Enterprise Website System version 1.1.1.0 Description: The issue is related to a remote code execution RCE vulnerability. It can be exploited via the component /upload/admin.php?/deal/. Recommendations: For Sinsiu Sinsiu...

PbootCMS Code Injection Vulnerability

PbootCMS is a new core and permanent open source free PHP enterprise website development and construction management system , is a set of efficient , simple , strong and free commercial PHP CMS source code , to meet the needs of various types of enterprise website development and construction...

Unauthorized Access Vulnerability in zzcms 2021

zzcms is an enterprise website builder. An unauthorized access vulnerability exists in zzcms 2021, which can be exploited by attackers to obtain sensitive information...

S-CMS Access Control Error Vulnerability

S-CMS is a PHP and MySQL-based content management system CMS from S-CMS, a Chinese company. S-CMS suffers from an access control error vulnerability, which originates from an unauthorized access vulnerability in CMS Enterprise Website Construction System 5.0. An attacker can use this vulnerabilit...

CVE-2021-37270

The CVE-2021-37270 entry concerns the CMS Enterprise Website Construction System 5.0. Multiple sources (NVD and CNVD family, CNVD/CNNVD variants) describe an unauthorized access vulnerability that allows an attacker to directly access a backend path without authentication and obtain backend admin...

S-CMS 访问控制错误漏洞

S-CMS is a PHP and MySQL-based content management system CMS from S-CMS, a Chinese company. S-CMS suffers from an access control error vulnerability, which originates from an unauthorized access vulnerability in CMS Enterprise Website Construction System 5.0. An attacker can use this vulnerabilit...