9 matches found
EUVD-2021-30614
Malicious code in bioql PyPI...
CVE-2021-43707
Cross Site Scripting XSS vulnerability exists in Maccms v10 via linkName parameter...
CVE-2021-43707
Cross Site Scripting XSS vulnerability exists in Maccms v10 via linkName parameter...
CVE-2021-43707
Cross Site Scripting XSS vulnerability exists in Maccms v10 via linkName parameter...
Cross site scripting
Cross Site Scripting XSS vulnerability exists in Maccms v10 via linkName parameter...
CVE-2021-43707
Cross Site Scripting XSS vulnerability exists in Maccms v10 via linkName parameter...
CVE-2021-43707
The provided connected documents confirm a Cross Site Scripting (XSS) vulnerability in Maccms v10, exploitable via the link_Name parameter. Affected component: Maccms v10 (CMS). Root cause as stated: input handling for link_Name allows script injection, leading to XSS. The CVE entry summarizes im...
Code Injection in flatcore/flatcore-cms
Description Another code injection payload in linkname. Proof of Concept Insert into linkname $sleep 10 Go to http://FLATCORE-IP/flatCore-CMS/content/cache/cachelastedit.php and see that the page has stopped for 10 seconds. $ escapes the string, switches context to OS commands. Impact Blind RCE a...
PHP-Fusion 6.01.14 - Blind SQL Injection
PHP-Fusion 6.01.14 - Blind SQL Injection !/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / /...