EUVD-2018-17792

Malware in sbrugna...

NoneCMS Information Disclosure Vulnerability (CNVD-2021-45763)

NoneCMS is a content management system CMS based on Thinkphp. An information disclosure vulnerability exists in NoneCMS version 1.3. A remote attacker can exploit this vulnerability to obtain sensitive information via /public/index.php...

NoneCMS Cross-Site Request Forgery Vulnerability (CNVD-2021-34501)

NoneCMS is a simple and compact open-source content management system that can be used to quickly build corporate sites, personal blogs, and support mobile. A cross-site request forgery vulnerability exists in public/index.php/admin/nav/add.html in NoneCMS version 1.3. An attacker can use this...

NoneCms Cross-Site Scripting Vulnerability (CNVD-2021-34498)

NoneCms is a simple and compact open-source content management system that can be used to quickly build corporate sites, personal blogs, and support mobile. NoneCms 1.3.0 version of static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf cross-site scripting vulnerability. The...

NoneCMS Cross-Site Scripting Vulnerability

NoneCMS is a simple and compact open-source content management system that can be used to quickly build corporate sites, personal blogs, and support mobile. A cross-site scripting vulnerability exists in admin/article/add.html in NoneCMS version 1.3.0. Attackers can use the name parameter to inje...

CVE-2020-23376

NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parameter to launch a stored XSS attack...

CVE-2018-20062

An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string...