42 matches found
EUVD-2020-15803
Malware in sbrugna...
EUVD-2020-15801
Malware in sbrugna...
EUVD-2020-23984
Malware in sbrugna...
EUVD-2023-47573
Malicious code in bioql PyPI...
CVE-2023-43154
In Macrob7 Macs Framework Content Management System CMS 1.1.4f, loose comparison in "isValidLogin" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account...
CVE-2020-36498
Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting XSS vulnerability in the account reset function, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the e-mail input field...
CVE-2020-23047
Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a cross-site scripting XSS vulnerability in the search input field of the search module...
CVE-2020-23045
Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a SQL injection vulnerability via the 'roleId' parameter of the editRole and deletUser modules...
CVE-2023-45503
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service DoS, escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole,...
CVE-2023-45503
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service DoS, escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole,...
CVE-2023-45503
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service DoS, escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole,...
CVE-2023-45503
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service DoS, escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole,...
Macrob7 Macs Framework Cms 安全漏洞
Macrob7 Macs Framework Cms is an open source Cms framework by the individual developer Macdonald Terrence Robinson. A security vulnerability exists in Macrob7 Macs CMS version 1.1.4f and earlier, which stems from the presence of a SQL injection vulnerability that could allow a remote attacker to...
CVE-2023-45503
Macrob7 Macs CMS (Macs CMS) 1.1.4f and earlier contains SQL injection vulnerabilities due to improper input handling in several endpoints (e.g., resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole, deleteComment, allowComment, addComment). Root cause is lack of input ...
Exploit for CVE-2023-44792
CVE-2023-45503 Vulnerability Details Overview In Macrob7...
Exploit for SQL Injection in Macs_Cms_Project Macs_Cms
CVE-2023-45503 Vulnerability Details Overview In Macrob7...
CVE-2023-43154
In Macrob7 Macs Framework Content Management System CMS 1.1.4f, loose comparison in "isValidLogin" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account...
CVE-2023-43154
In Macrob7 Macs Framework Content Management System CMS 1.1.4f, loose comparison in "isValidLogin" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account...
CVE-2023-43154
In Macrob7 Macs Framework Content Management System CMS 1.1.4f, loose comparison in "isValidLogin" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account...
Type confusion
In Macrob7 Macs Framework Content Management System CMS 1.1.4f, loose comparison in "isValidLogin" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account...