CVE-2025-71310

The GDPR cookies module for Backdrop CMS before 1.x-1.3.5 doesn't sufficiently protect visitors from Cross Site Scripting XSS if a malicious value has been provided for the optional 'Info content' field for the YouTube service. This is mitigated by the fact that an attacker must have a role with...

CVE-2025-71310

The GDPR cookies module for Backdrop CMS before 1.x-1.3.5 doesn't sufficiently protect visitors from Cross Site Scripting XSS if a malicious value has been provided for the optional 'Info content' field for the YouTube service. This is mitigated by the fact that an attacker must have a role with...

Maybecms 代码注入漏洞

Maybecms is a web application in the Upgradeextension open source. A code injection vulnerability exists in Maybecms version 1.2, which stems from the parameter datainfocontent in the file /mb/admin/index.php?u=article-edit can lead to cross-site scripting...

PHPCMS v9. 6. 0 arbitrary file upload vulnerability analysis-vulnerability warning-the black bar safety net

Author: p0wd3r know Chong Yu 404 security lab Date: 2017-04-12 0x00 vulnerability overview Vulnerability description A few days ago phpcms v9. 6 arbitrary file upload vulnerability caused by a safety ring hot, by the vulnerability the attacker may be in the unauthorized case any file is uploaded,...