EUVD-2023-33910

Malicious code in bioql PyPI...

CVE-2023-2420

A vulnerability was found in MLECMS 3.0. It has been rated as critical. This issue affects the function geturl in the library /upload/inc/lib/admin of the file upload\inc\include\common.func.php. The manipulation of the argument $SERVER'REQUESTURI' leads to sql injection. The attack may be...

CVE-2023-2420

A vulnerability was found in MLECMS 3.0. It has been rated as critical. This issue affects the function geturl in the library /upload/inc/lib/admin of the file upload\inc\include\common.func.php. The manipulation of the argument $SERVER'REQUESTURI' leads to sql injection. The attack may be...

CVE-2023-2420

A vulnerability was found in MLECMS 3.0. It has been rated as critical. This issue affects the function geturl in the library /upload/inc/lib/admin of the file upload\inc\include\common.func.php. The manipulation of the argument $SERVER'REQUESTURI' leads to sql injection. The attack may be...

Sql injection

A vulnerability was found in MLECMS 3.0. It has been rated as critical. This issue affects the function geturl in the library /upload/inc/lib/admin of the file upload\inc\include\common.func.php. The manipulation of the argument $SERVER'REQUESTURI' leads to sql injection. The attack may be...

CVE-2023-2420 MLECMS common.func.php get_url sql injection

A vulnerability was found in MLECMS 3.0. It has been rated as critical. This issue affects the function geturl in the library /upload/inc/lib/admin of the file upload\inc\include\common.func.php. The manipulation of the argument $SERVER'REQUESTURI' leads to sql injection. The attack may be...

CVE-2023-2420

MLECMS 3.0 contains a SQL injection in the get_url function of the /upload/inc/lib/admin module, triggered by manipulating $_SERVER['REQUEST_URI']. This CVE-2023-2420 entry states remote exploitability and public disclosure, rating the issue as CRITICAL per the description. Connected sources cons...

CVE-2023-2420 MLECMS common.func.php get_url sql injection

A vulnerability was found in MLECMS 3.0. It has been rated as critical. This issue affects the function geturl in the library /upload/inc/lib/admin of the file upload\inc\include\common.func.php. The manipulation of the argument $SERVER'REQUESTURI' leads to sql injection. The attack may be...

PT-2023-19474 · Mlecms · Mlecms

Name of the Vulnerable Software and Affected Versions: MLECMS version 3.0 Description: A critical issue affects the get url function in the library /upload/inc/lib/admin of the file uploadincincludecommon.func.php. The manipulation of the argument $ SERVER'REQUEST URI' leads to SQL injection. The...

MLECMS SQL注入漏洞

MLECMS is a multi-language, free, open source content management system from MLECMS Inc. A SQL injection vulnerability exists in MLECMS version 3.0, which stems from the fact that incorrect operation of the parameter $SERVERREQUESTURI can lead to sql injection...

Arbitrary File Deletion Vulnerability in MLECMS

MLECMS is a PHP MySQL, ASP Access/SQL Server based development , enterprise-oriented , support for multi-language , free , open source CMS, to help business users to quickly build and deploy enterprise-level portal . MLECMS arbitrary file deletion vulnerability , an attacker can use this...

Command execution vulnerability in MLECMS backend te***_la***.php file

MLECMS is a professional website building system based on PHP+MYSQL as the core development. A command execution vulnerability exists in the MLECMS backend tela.php file. An attacker can exploit this vulnerability to gain server privileges...

File Inclusion Vulnerability in mlecms v2.3

mlecms is a PHP + MYSQL based on the core development of the station-building system. A file inclusion vulnerability exists in mlecms v2.3. The vulnerability is due to unfiltered incoming parameters are directly spliced into file paths. An attacker can use this vulnerability to obtain php files...

Arbitrary File Write Vulnerability in MLECMS

MLECMS is a PHP + MYSQL based on the core development of the building system. MLECMS has an arbitrary file write vulnerability that can be exploited by attackers to gain control of the web server...

Arbitrary File Deletion Vulnerability in MLECMS Backend

MLECMS is a professional website building system based on PHP+MYSQL as the core development. There is an arbitrary file deletion vulnerability in the MLECMS backend. An attacker can exploit the vulnerability to delete arbitrary files...

XSS Vulnerability in mlecms V2.3

mlecms is a multi-language, free and open source content management system. An XSS vulnerability exists in mlecms V2.3. An attacker can exploit this vulnerability to obtain sensitive information such as user cookies...

mlecms multi-language enterprise website management system v2. 3 newest vulnerabilities 0day-vulnerability warning-the black bar safety net

Vulnerability defects: the storage typexss 漏洞 文件 :links.php Loopholes in the application link at the website name and logo at the address, because the site name“webname”is post GET and didn't do the filter soxssappeared! Using description: xsshit the backend to get webshell Background get a shell...