34 matches found
baserCMS 操作系统命令注入漏洞
BaserCMS is a corporate-level content management system CMS developed by the BaserCMS team. Versions of BaserCMS prior to 5.2.3 had a vulnerability related to operating system command injection. This vulnerability originated from the core module of the installation process. Attackers could...
CVE-2025-70958
Multiple reflected cross-site scripting XSS vulnerabilities in the installation module of Subrion CMS v4.2.1 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the dbuser, dbpwd, and dbname parameters...
GHSA-9JJM-MC56-3QXV Subrion CMS vulnerable to cross-site scripting
Multiple reflected Cross-site Scripting XSS vulnerabilities in the installation module of Subrion CMS v4.2.1 allow attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the dbuser, dbpwd, and dbname parameters...
Subrion CMS vulnerable to cross-site scripting
Multiple reflected Cross-site Scripting XSS vulnerabilities in the installation module of Subrion CMS v4.2.1 allow attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the dbuser, dbpwd, and dbname parameters...
CVE-2025-70958
Subrion CMS v4.2.1 installation module is affected by multiple reflected XSS vulnerabilities. The issue allows an attacker to execute arbitrary JavaScript in the context of a user’s browser by injecting a crafted payload into the dbuser, dbpwd, or dbname parameters during installation. The CVE de...
CVE-2025-70958
Multiple reflected cross-site scripting XSS vulnerabilities in the installation module of Subrion CMS v4.2.1 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the dbuser, dbpwd, and dbname parameters...
CVE-2025-70958
Multiple reflected cross-site scripting XSS vulnerabilities in the installation module of Subrion CMS v4.2.1 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the dbuser, dbpwd, and dbname parameters...
CVE-2025-70958
Multiple reflected cross-site scripting XSS vulnerabilities in the installation module of Subrion CMS v4.2.1 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the dbuser, dbpwd, and dbname parameters...
PT-2026-5704
Name of the Vulnerable Software and Affected Versions Subrion CMS version 4.2.1 Description The installation module of Subrion CMS contains reflected cross-site scripting XSS flaws. These flaws allow attackers to execute arbitrary Javascript in the context of a user's browser. Exploitation occurs...
EUVD-2024-52277
Malicious code in bioql PyPI...
EUVD-2023-43127
Malicious code in bioql PyPI...
CVE-2024-54101
Denial of service DoS vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-54101
Denial of service DoS vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-54101
Denial of service DoS vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-54101
Denial of service DoS vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-54101
Denial of service DoS vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-54101
CVE-2024-54101 is described across multiple sources as a denial-of-service vulnerability in the installation module that can affect availability. Public records list Huawei HarmonyOS and EMUI as the affected ecosystem, with a local attack vector and low attack complexity (NVD metrics: AV:L, AC:L,...
PT-2024-36033 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: A denial of service DoS issue exists in the installation module. Successful exploitation of this issue will affect availability. Recommendations: At the moment, there is no information abo...
CVE-2023-22576
Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges...
CVE-2023-22576
Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges...