CVE-2026-6487

A flaw has been found in Qihui jtbc5 CMS 5.0.3.6. Affected is an unknown function of the file /dev/code/common/diplomat/manage.php of the component Code Endpoint. This manipulation of the argument path causes path traversal. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-6487 Qihui jtbc5 CMS Code Endpoint manage.php path traversal

A flaw has been found in Qihui jtbc5 CMS 5.0.3.6. Affected is an unknown function of the file /dev/code/common/diplomat/manage.php of the component Code Endpoint. This manipulation of the argument path causes path traversal. The attack is possible to be carried out remotely. The exploit has been...

QiHui JBTC CMS 安全漏洞

QiHui JBTC CMS is an open-source content management system developed by QiHui. Version 5.0.3.6 of QiHui JBTC CMS contains a security vulnerability. This vulnerability stems from an unknown function in the component Code Endpoint, which improperly handles parameters with the path parameter in the...

CVE-2020-35973

An issue was discovered in zzcms2020. There is a XSS vulnerability that can insert and execute JS code arbitrarily via /user/manage.php...

zzcms zzcms 跨站脚本漏洞

ZZCMS is the content management system of Webmaster Merchants. A cross-site scripting vulnerability exists in /user/manage.php in ZZCMS version 2020. An attacker can exploit this vulnerability to insert and execute arbitrary JS code...

CVE-2019-1010152

zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The component is: user/manage.php line 31-80...

CVE-2018-19546

JTBCPHP 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter...