97 matches found
Lin-CMS-TP5 代码注入漏洞
Lin-CMS-TP5 is a content management system by ChenJinchuang's personal developer. A code injection vulnerability exists in Lin-CMS-TP5 0.3.3 and earlier versions, which originates from the incorrect operation of the parameter File in the file application/lib/file/LocalUploader.php, which may lead...
PT-2025-53666
Name of the Vulnerable Software and Affected Versions TaleLin Lin-CMS versions up to 0.6.0 Description A security issue exists in TaleLin Lin-CMS. The issue involves the manipulation of the username/password arguments, potentially leading to exposure of passwords within the configuration file...
PT-2025-53644
Name of the Vulnerable Software and Affected Versions ChenJinchuang Lin-CMS-TP5 versions up to 0.3.3 Description A flaw exists in ChenJinchuang Lin-CMS-TP5 that allows for remote code injection. The issue is located in the Upload function within the LocalUploader.php file of the File Upload Handl...
EUVD-2021-0111
Malware in sbrugna...
EUVD-2021-0110
Malware in sbrugna...
EUVD-2021-0112
Malware in sbrugna...
EUVD-2022-7230
Malicious code in bioql PyPI...
EUVD-2024-39096
Malicious code in bioql PyPI...
CVE-2024-41601
Insecure Permissions vulnerability in lin-CMS v.0.2.0 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component...
CVE-2022-44244
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator...
CVE-2022-32430
An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application...
CVE-2020-18701
Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets...
CVE-2020-18698
Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute force login attempts without restriction via the 'login' function in the component 'app/api/cms/user.py'...
CVE-2020-18699
Cross Site Scripting XSS in Lin-CMS-Flask v0.1.1 allows remote attackers to execute arbitrary code by entering scripts in the the 'Username' parameter of the in component 'app/api/cms/user.py'...
CVE-2024-41600
Insecure Permissions vulnerability in lin-CMS Springboot v.0.2.1 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component...
CVE-2024-41600
Insecure Permissions vulnerability in lin-CMS Springboot v.0.2.1 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component...
CVE-2024-41601
Insecure Permissions vulnerability in lin-CMS v.0.2.0 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component...
PT-2024-29457 · Unknown · Lin-Cms Springboot
Name of the Vulnerable Software and Affected Versions: lin-CMS Springboot versions 0.2.1 and before Description: The issue allows a remote attacker to obtain sensitive information via the login method in the UserController.java component. Recommendations: For versions 0.2.1 and before, consider...
CVE-2024-41601
CVE-2024-41601 affects lin-CMS versions 0.2.0 and earlier. The vulnerability is described as an insecure permissions issue in the UserController.java login path, allowing a remote attacker to obtain sensitive information. The provided documents identify the affected component and root cause but d...
CVE-2024-41600
Insecure Permissions vulnerability in lin-CMS Springboot v.0.2.1 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component...