3 matches found
CVE-2020-18167
Cross Site Scripting XSS in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Homepage Introduction" field of component "admin/info.php?shuyu"...
LAOBANCMS 代码问题漏洞
LAOBANCMS is a content management system based on PHP and MySQL. LAOBANCMS v2.0 version of the existence of arbitrary file upload vulnerability, the vulnerability stems from the unrestricted file upload allows remote attackers can exploit the vulnerability to upload arbitrary files, the method is...
CVE-2020-18165
Cross Site Scripting XSS in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu"...