127 matches found
CVE-2025-9415
A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available...
CVE-2025-9415 GreenCMS index.php unrestricted upload
A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available...
CVE-2025-9415 GreenCMS index.php unrestricted upload
A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available...
CVE-2025-9415 GreenCMS index.php unrestricted upload
A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available...
CVE-2025-9415
GreenCMS ≤ 2.3.0603 contains an unrestricted file upload vulnerability in index.php?m=admin&c=media&a=fileconnect via manipulation of the upload[] parameter. The issue allows remote exploitation and is linked to publicly available exploits. It affects products no longer maintained. Remediation: u...
GreenCMS 安全漏洞
GreenCMS is an open source content management system CMS developed by GreenCMS based on ThinkPHP. A security vulnerability exists in GreenCMS 2.3.0603 and earlier versions, which stems from the incorrect operation of the parameter upload in the file/index.php?m=admin&c=media&a=fileconnect,...
PT-2025-34699
Name of the Vulnerable Software and Affected Versions: GreenCMS versions prior to 2.3.0604 Description: A vulnerability exists in GreenCMS that allows for unrestricted file upload. The issue is located in an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. Manipulation of the...
CVE-2024-22570
A stored cross-site scripting XSS vulnerability in /install.php?m=install=index=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-28918
GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via /index.php?m=admin=custom=plugindelhandlename=...
CVE-2020-21366
Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...
CVE-2024-22570
A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-22570
A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-22570
A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-22570
A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
GreenCMS Cross-Site Scripting Vulnerability
GreenCMS is a content management system CMS developed on ThinkPHP. A cross-site scripting vulnerability exists in GreenCMS v2.3, which originated from a vulnerability that allows attackers to execute arbitrary web script or HTML via a specially crafted payload...
PT-2024-19491 · Greencms · Greencms
Name of the Vulnerable Software and Affected Versions: GreenCMS version 2.3 Description: A stored cross-site scripting XSS issue exists in the /install.php?m=install&c=index&a=step3 endpoint of GreenCMS, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-22570
GreenCMS v2.3 contains a stored XSS in the /install.php?m=install&c=index&a=step3 endpoint. The vulnerability allows attackers to inject arbitrary scripts via a crafted payload, with impact on visiting users who load the affected page. The CVE notes a stored XSS scenario; the current connected so...
CVE-2020-21366
Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...
CVE-2020-21366
Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...