10 matches found
CVE-2018-19220
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI...
EUVD-2018-10931
Malware in sbrugna...
EUVD-2018-10929
Malware in sbrugna...
EUVD-2018-10933
Malware in sbrugna...
EUVD-2018-10935
Malware in sbrugna...
EUVD-2018-10934
Malware in sbrugna...
CVE-2018-19227
An issue was discovered in LAOBANCMS 2.0. It allows XSS via the admin/liuyan.php neirong parameter...
CVE-2018-19222
An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysqlhy.php?riqi=0=0 attack to reset the admin password, even if install.txt exists...
The vulnerability of the admin/info.php?shuyu component of the LAOBANCMS software allows a hacker to execute arbitrary code.
The vulnerability of the admin/info.php?shuyu component of the LAOBANCMS software is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
LAOBANCMS cross-site scripting vulnerability (CNVD-2021-34495)
LAOBANCMS is a content management system based on PHP and MySQL. A cross-site scripting vulnerability exists in LAOBANCMS version 2.0. An attacker can execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the "admin/info.php?shuyu" page...