2 matches found
Unspecified vulnerability in calipso
Calipso is a simple NodeJS content management system. Built on themes similar to Drupal and Wordpress, it is designed to be fast, flexible and simple. calipso has a security vulnerability that can be exploited by an attacker to overwrite files on any file system...
DoraCMS Encryption Problem Vulnerability
DoraCMS is based on Nodejs+eggjs+mongodb written a content management system . An encryption issue vulnerability exists in DoraCMS 2.1.1 and earlier versions. The vulnerability arises because the program does not use AES-CBC encryption with random salts or IVs, which makes user-encrypted password...