Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:0 p.m.9 views

CVE-2018-19228

An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation...

7.5CVSS7AI score0.01536EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:59 a.m.9 views

CVE-2018-19221

An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter...

9.8CVSS8.2AI score0.01202EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:58 a.m.7 views

CVE-2018-19229

An issue was discovered in LAOBANCMS 2.0. It allows XSS via the admin/art.php?typeid=1 biaoti parameter...

5.4CVSS5.8AI score0.00556EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:58 a.m.6 views

CVE-2018-19223

An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first input field to the admin/type.php?id=1 URI...

4.8CVSS5.8AI score0.00559EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-11026

Malware in sbrugna...

9.8CVSS9.5AI score0.01751EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-10938

Malware in sbrugna...

5.4CVSS5.5AI score0.00556EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:21 a.m.7 views

CVE-2018-19226

An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to list .txt files via a direct request for the /data/0/admin.txt URI...

5.3CVSS7AI score0.01177EPSS
Exploits1References1
NVD
NVD
added 2018/11/17 3:29 p.m.14 views

CVE-2018-19328

LAOBANCMS 2.0 allows install/mysqlhy.php?riqi=../ Directory Traversal...

9.8CVSS9.5AI score0.01751EPSS
Exploits1References1
NVD
NVD
added 2018/11/12 8:29 p.m.15 views

CVE-2018-19225

An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF...

8.8CVSS8.7AI score0.00523EPSS
Exploits1References1
NVD
NVD
added 2018/11/12 8:29 p.m.13 views

CVE-2018-19222

An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysqlhy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists...

9.8CVSS9.3AI score0.01422EPSS
Exploits1References1
OSV
OSV
added 2018/11/12 8:29 p.m.3 views

CVE-2018-19221

An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter...

9.8CVSS5.8AI score0.01202EPSS
Exploits1References1
Prion
Prion
added 2018/11/12 8:29 p.m.16 views

Spoofing

An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies...

5CVSS7.5AI score0.0098EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/11/12 8:0 p.m.45 views

CVE-2018-19229

LAOBANCMS 2.0 is affected by an XSS vulnerability in the admin/art.php?typeid=1 biaoti parameter. Multiple connected sources (NVD/NVD-derived CVE, Red Hat, CNVD, CVE listings) corroborate that the issue arises from unsanitized input in the biaoti parameter leading to cross-site scripting. The exa...

5.4CVSS5.2AI score0.00556EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/11/12 8:0 p.m.14 views

CVE-2018-19228

An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation...

7.5AI score0.01536EPSS
Exploits1References1
Rows per page
Query Builder