17 matches found
maccms 安全漏洞
MacCMS is a comprehensive and powerful website building system developed under the PHP+MySQL environment by MagicBlack. Versions of MacCMS prior to 2025.1000.4052 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the orderid parameter in the Member Order...
EUVD-2025-29117
Malicious code in bioql PyPI...
EUVD-2025-29115
Malicious code in bioql PyPI...
CVE-2025-10395
A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function colurl of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely...
CVE-2025-10397
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and might be used...
CVE-2025-10397
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and might be used...
CVE-2025-10397 Magicblack MacCMS API server-side request forgery
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and might be used...
CVE-2025-10397 Magicblack MacCMS API server-side request forgery
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and might be used...
CVE-2025-10397
CVE-2025-10397 affects Magicblack MacCMS 2025.1000.4050, specifically the API Handler component. The vulnerability arises from manipulation of the cjurl parameter, enabling a remote server-side request forgery (SSRF) . Several connected documents confirm the issue and indicate the attack can be i...
CVE-2025-10395
A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function colurl of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely...
CVE-2025-10395
A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function colurl of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely...
CVE-2025-10395
The CVE-2025-10395 entry concerns Magicblack MacCMS (version 2025.1000.4050) where the col_url function in the Scheduled Task Handler is vulnerable. The root cause is improper manipulation of the cjurl parameter, enabling server-side request forgery. This can be triggered remotely and could impac...
CVE-2025-10395 Magicblack MacCMS Scheduled Task col_url server-side request forgery
A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function colurl of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely...
CVE-2025-10395 Magicblack MacCMS Scheduled Task col_url server-side request forgery
A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function colurl of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely...
PT-2025-37406
Name of the Vulnerable Software and Affected Versions: Magicblack MacCMS version 2025.1000.4050 Description: A server-side request forgery issue exists in the col url function of the Scheduled Task Handler component. Manipulation of the cjurl argument can trigger the issue, allowing for remote...
PT-2025-37408
Name of the Vulnerable Software and Affected Versions: Magicblack MacCMS version 2025.1000.4050 Description: A vulnerability exists in Magicblack MacCMS 2025.1000.4050, specifically within the API Handler component. Manipulation of the cjurl argument can lead to server-side request forgery SSRF...
maccms10 安全漏洞
maccms10 is magicblack open source a set of PHP + MYSQL environment running under the perfect and powerful rapid website building system. A security vulnerability exists in maccms10 version v2024.1000.4040, which stems from the presence of a stored cross-site scripting XSS vulnerability that allo...