7 matches found
EUVD-2019-18526
Malware in sbrugna...
Sql injection
An issue was discovered in Hsycms V1.1. There is a SQL injection vulnerability via a /news/.html page...
CVE-2019-10653
An issue was discovered in Hsycms V1.1. There is a SQL injection vulnerability via a /news/.html page...
CVE-2019-9145
An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page...
Cross site scripting
An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page...
CVE-2019-9145
CVE-2019-9145 — Normal mode Vulnerability: In Hsycms V1.1, there is a cross-site scripting (XSS) flaw via the name field on the /book page. The root cause is insufficient sanitization/validation of user-supplied input in that field, allowing injected script or HTML to be rendered by an attacker-c...
CVE-2019-9145
An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page...