8 matches found
CVE-2025-60454
A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the image management module, specifically in the app\system\img\admin\imgadmin.class.php component. The vulnerability allows attackers to upload malicious SVG files containi...
PT-2025-6879 · Cmseasy · Cmseasy
Name of the Vulnerable Software and Affected Versions: CmsEasy version 7.7.7.9 Description: A vulnerability has been found in the function deleteimg action in the library lib/admin/image admin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched...
CVE-2024-31551
Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request...
cmseasy 安全漏洞
CmsEasy is a content management system CMS for creating responsive websites from China's CmsEasy Technology CmsEasy. A security vulnerability exists in cmseasy version v7.7.7.9, which originates from a path traversal vulnerability in the lib/admin/image.admin.php file...
PT-2024-24137 · Cmseasy · Cmseasy
Name of the Vulnerable Software and Affected Versions: cmseasy version 7.7.7.9 20240105 Description: The issue allows attackers to delete arbitrary files via a crafted GET request, exploiting a Directory Traversal vulnerability in the lib/admin/image.admin.php file. Recommendations: For cmseasy...
Phpgurukul Tourism Management System 安全漏洞
Tourism Management System is an American website builder for tourism management. A security vulnerability exists in Phpgurukul Tourism Management System version v2.0, which originates from a file upload vulnerability in /tms/admin/change-image.php...
South Korea HOMPYNET CMS multiple vulnerabilities-vulnerability warning-the black bar safety net
Upload vulnerability URL: /admin/imageadmin3. php? boardid=&iname=&iform= /admin/imageadmin2. php? boardid=&iname=&iform= Uploaded posterior diameter: /biswebpage/images/t. php. en Editor: /admin/editor/SWE.php /program/editor/SWE.php Data configuration file path: /mconfig/DATA/gsetting.php This...
Wang/Kodak Image Admin ActiveX Control
Overview Description The Image Admin control is incorrectly marked safe for scripting. This control is sometimes identified as from "Kodak" and other times as from "Wang". The Image Admin control is one of several controls used to provide image editting services through a web site. Because the...