CVE-2025-10018 Multiple Stored XSS in QuickCMS

QuickCMS is vulnerable to multiple Stored XSS in language editor functionality languages. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed on every page. By default admin user is not able to add JavaScript into the website. Th...

bloofoxCMS多个安全漏洞

Bugtraq ID:65019 bloofox CMS是一款内容管理系统。 bloofox CMS不正确过滤用户提交的输入，允许远程攻击者利用漏洞进行SQL注入，文件包含，跨站请求伪造攻击。 0 bloofox CMS 0.5.0 目前没有详细解决方案提供： http://www.bloofox.com/download.21.html EXPLOIT http://localhost/admin/index.php?mode=settings&page=editor&fileurl=config.php !/usr/bin/perl Title : bloofoxCMS V0.5.0...

bloofoxCMS 0.5.0 CSRF / PHP Code Injection

!/usr/bin/perl Title : bloofoxCMS V0.5.0 - Csrf inject php code Author : AtT4CKxT3rR0r1ST Contact : [email protected] , [email protected] Home : http://www.iphobos.com/blog/ Script : http://www.bloofox.com/download.21.html Version : 0.5.0 Dork : "Powered by bloofoxCMS" Vulnerability In Languag...