77 matches found
CVE-2025-0485
A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been classified as problematic. Affected is an unknown function of the file /fladmin/sysconfigdoedit.php. The manipulation of the argument info leads to cross site scripting. It is possible to launch the attack remotely. The exploi...
CVE-2025-0484
A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfigdoedit.php of the component Backend. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit h...
CVE-2025-0484
A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfigdoedit.php of the component Backend. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit h...
CVE-2025-0485
A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been classified as problematic. Affected is an unknown function of the file /fladmin/sysconfigdoedit.php. The manipulation of the argument info leads to cross site scripting. It is possible to launch the attack remotely. The exploi...
CVE-2025-0482
A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/userrecoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed ...
CVE-2025-0485
CVE-2025-0485 — Fanli2012 native-php-cms 1.0 is affected. An unknown function in /fladmin/sysconfig_doedit.php is susceptible to cross-site scripting via manipulation of the argument info. The vulnerability can be exploited remotely, and the exploit has been disclosed publicly. No remediation det...
CVE-2025-0485 Fanli2012 native-php-cms sysconfig_doedit.php cross site scripting
A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been classified as problematic. Affected is an unknown function of the file /fladmin/sysconfigdoedit.php. The manipulation of the argument info leads to cross site scripting. It is possible to launch the attack remotely. The exploi...
CVE-2025-0484
Fanli2012 native-php-cms 1.0 Backend module vulnerability in the file /fladmin/sysconfig_doedit.php allows improper authorization. A remote attacker could exploit this, with public disclosure of the exploit noted in the CVE description. The issue is described across multiple sources (NVD, RHAC, C...
CVE-2025-0484 Fanli2012 native-php-cms Backend sysconfig_doedit.php improper authorization
A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfigdoedit.php of the component Backend. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit h...
CVE-2025-0484 Fanli2012 native-php-cms Backend sysconfig_doedit.php improper authorization
A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfigdoedit.php of the component Backend. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit h...
CVE-2025-0483
CVE-2025-0483 affects Fanli2012 native-php-cms 1.0. The vulnerability resides in /fladmin/jump.php, where improper handling/manipulation of the message/error parameter enables cross-site scripting. It is a remote issue with the exploit having been disclosed publicly. Multiple sources summarize th...
CVE-2025-0483 Fanli2012 native-php-cms jump.php cross site scripting
A vulnerability has been found in Fanli2012 native-php-cms 1.0 and classified as problematic. This vulnerability affects unknown code of the file /fladmin/jump.php. The manipulation of the argument message/error leads to cross site scripting. The attack can be initiated remotely. The exploit has...
CVE-2025-0483 Fanli2012 native-php-cms jump.php cross site scripting
A vulnerability has been found in Fanli2012 native-php-cms 1.0 and classified as problematic. This vulnerability affects unknown code of the file /fladmin/jump.php. The manipulation of the argument message/error leads to cross site scripting. The attack can be initiated remotely. The exploit has...
CVE-2025-0482
The CVE-2025-0482 entry describes a critical vulnerability in Fanli2012 native-php-cms 1.0 affecting an unspecified portion of /fladmin/user_recoverpwd.php. The underlying issue is improper handling in that file, enabling use of default credentials. Attacks can be initiated remotely and the explo...
CVE-2025-0482 Fanli2012 native-php-cms user_recoverpwd.php default credentials
A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/userrecoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed ...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which stems from a parameter id in the file /fladmin/articledodel.php that can lead to SQL injection...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which stems from a parameter id in the file /fladmin/catdodel.php that can lead to SQL injection...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which stems from a parameter id in the file /fladmin/friendlinkdodel.php that can lead to SQL injection...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in native-php-cms version 1.0, which originates from the parameter username in the file /fladmin/login.php that can cause SQL injection...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in native-php-cms version 1.0, which stems from a parameter id in the file /fladmin/catedit.php that can lead to SQL injection...