Command Execution Vulnerability in Knight CMS of Taiyuan Xunyi Technology Co. Ltd (CNVD-2021-19735)

Knight CMS is a free and open source professional recruitment system based on PHP MYSQL as the core development. Taiyuan Xunyi Technology Co., Ltd. Knight CMS command execution vulnerabilities, attackers can use the vulnerability to obtain control of the web server...

Code Execution Vulnerabilities in Knight CMS Backend of Taiyuan Xunyi Technology Co.

Knight CMS is a free and open source professional recruitment system based on PHP MYSQL as the core development. Taiyuan Xunyi Technology Co., Ltd. Knight CMS code execution vulnerabilities exist in the background. Attackers can exploit the vulnerability to obtain control of the server...

Knight CMS suffers from SQL injection vulnerability (CNVD-2021-09683)

Knight CMS is based on PHP + MYSQL as the core development of a set of free + open source professional recruitment system. Knight CMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

Command Execution Vulnerability in Knight CMS of Taiyuan Xunyi Technology Co.

Knight CMS is based on PHP + MYSQL as the core development of a set of free + open source professional recruitment system. Knight CMS has a command execution vulnerability that can be exploited by attackers to gain server control privileges...

74CMS PHP Remote File Inclusion Vulnerability

Knight CMS 74cms is a free website management system based on PHP+MYSQL, providing perfect talent recruitment website construction program. There is a PHP remote file inclusion vulnerability in the assignresumetpl method in Application/Common/Controller/BaseController.class.php in versions prior ...

File Inclusion Vulnerability in Knight CMS Frontend

Knight Talent System is based on PHP + MYSQL as the core development of a set of free + open source professional recruitment system. A file inclusion vulnerability exists in the frontend of Knight CMS, which can be exploited by attackers to cause the inclusion of files to execute arbitrary code...

Knight CMS of Taiyuan Xunyi Technology Co., Ltd. suffers from SQL injection vulnerability (CNVD-2020-58523)

Knight CMS is based on PHP + MYSQL as the core development of a set of free + open source professional recruitment system. Knight CMS is vulnerable to SQL injection. Attackers can use the vulnerability to obtain sensitive information in the database...

Knight CMS has a flawed logic vulnerability

Knight CMS is a PHP-based open source professional talent system. Knight CMS has a logic flaw vulnerability that can be exploited by attackers to reset any user's password...

Stored XSS Vulnerability in Knight CMS

Knight CMS is a PHP-based open source professional talent system. Knight CMS has a stored XSS vulnerability that can be exploited by attackers to inject arbitrary Web script or HTML...

Code Execution Vulnerability in Knight CMS Admin Backend

74cms Knight CMS is a PHP-based open source professional talent system. Knight CMS management background code execution vulnerabilities, attackers can use the vulnerability to obtain control of the web server...

骑士cms后台任意目录删除

No description provided by source...

Unauthorized operation vulnerability in 74cms frontend

74cms knight cms is a PHP-based open source professional talent system. 74cms has an override access vulnerability. Attackers can use the vulnerability to modify database information...

Arbitrary file deletion vulnerability in Knight CMS Talent Recruitment System

74cms knight cms is a PHP-based open source professional talent system. Knight CMS Talent Recruitment System alController.class.php in the ajaxresumeattach function exists arbitrary file deletion vulnerability. Allow attackers to exploit the vulnerability to delete arbitrary files resulting in th...

Knight CMS Talent Recruitment System type parameter exists server-side template injection vulnerability

74cms knight cms is a PHP-based open source professional talent system. Knight CMS Talent Recruitment System TYPE parameter has a server-side template injection vulnerability . Allow attackers to upload any file to obtain server privileges...

Cross-site scripting vulnerability in 74cms (Knight Cms)

74cms knight cms is a PHP-based open source professional talent system. 74cms Knight cms suffers from a cross-site scripting vulnerability. Because the program fails to adequately filter user input, allowing an attacker to construct malicious web pages, inducing users to parse and execute arbitra...

Arbitrary Command Execution Vulnerability in Knight CMS

Knight CMS Talent System is a professional talent system based on PHP+MYSQL. Knight CMS version 4.1.0 suffers from an arbitrary command execution vulnerability. Due to the Knight CMS V4.1.0 using the tp framework there is a template engine remote code execution vulnerability. Attackers can exploi...

Stored Cross-Site Scripting Vulnerability in Knight CMS Version 3.7

Knight CMS Talent System is a professional talent system based on PHP+MYSQL. A stored cross-site scripting vulnerability exists in Knight CMS version 3.7. Because the editor in KindEditor version 4.1.10 fails to filter input content, an attacker can exploit the vulnerability to execute arbitrary...

Knight CMS suffers from SQL injection vulnerability

Knight CMS Talent System is a professional talent system based on PHP+MYSQL. Knight CMS Talent System version 3.7 suffers from a SQL injection vulnerability, which is exploited by attackers to obtain sensitive information due to unfiltered variable names...

Knight CMS Talent System v3.7 has SQL Injection Vulnerabilities

Knight CMS Talent System is a professional talent system based on PHP+MYSQL. Knight CMS Talent System v3.7 suffers from a SQL injection vulnerability due to numeric variable filtering being missed resulting in injection, allowing remote attackers to exploit the vulnerability by submitting special...

Knight CMS Talent System Cross-site Scripting Vulnerability

Knight CMS Talent System is a professional talent system based on PHP+MYSQL. Knight CMS Talent System v3.7 cross-site scripting vulnerability, attackers can exploit the vulnerability to execute arbitrary script code, steal cookie-based authentication and launch other attacks...