CVE-2022-42143

Open Source SACCO Management System v1.0 is vulnerable to SQL Injection via /saccoshield/managepayment.php...

Anchor 安全漏洞

Anchor is an open source lightweight blogging system. A security vulnerability exists in Anchore Enterprise anchorectl version 0.1.4, which stems from incorrectly stored credentials when generating the software bill of materials. anchorectl will add credentials used to access the Anchore Enterpri...

MingSoft MCMS SQL注入漏洞

MingSoft MCMS is a complete open source J2ee system from MingSoft, a Chinese company. mingsoft MCMS has a SQL injection vulnerability, which originates from the lack of filtering and escaping of SQL data in the categoryId parameter of /cms/content/list, and can be used by attackers to execute...

MCMS SQL Injection Vulnerability

Mcms is a complete open source J2ee system from China MingFei MingSoft. mcms v5.2.4 version has a SQL injection vulnerability, which originates in /ms/mdiy/model/importJson.do for the lack of filtering and escaping of SQL data. No detailed vulnerability details are available at this time...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. There is a security vulnerability in Google Android version 11, there is no information about this vulnerability yet, please stay tuned to CNNVD or the manufacturer's announcement...

Command Execution Vulnerability in EyouCms (CNVD-2021-41520)

EyouCms is based on the TP5.0 framework for the core development of free open source enterprise content management system, focusing on enterprise station user needs, providing a large number of templates in various industries, reducing the construction of small and medium-sized enterprises, netwo...

SQL Injection Vulnerability in SEMCMS Shop Backend (CNVD-2021-39125)

SEMCMS Shop is a self-developed open source online store btc system. SQL injection vulnerability exists in SEMCMS Shop backend. Attackers can use the vulnerability to obtain sensitive information in the database...

Station Master CMS has arbitrary file reading vulnerability

Station Helpers CMS is a CMS open source system dedicated to creating a full-featured ... Station Helpers CMS has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...

SQL Injection Vulnerability in Station Helpers CMS (CNVD-2021-37352)

Station Helpers CMS is a CMS open source system dedicated to creating a full-featured ... Station Helpers CMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

File Upload Vulnerability in MCms of Jiangxi Minsoft Technology Co. Ltd (CNVD-2021-36509)

MCms is an open source content management system. Ltd. MCms file upload vulnerability, an attacker can use the vulnerability to obtain control of the server...

Command Execution Vulnerability in WMCMS

WMCMS is based on PHP MYSQL as the core development, free open source professional Chinese labeling system. WMCMS command execution vulnerability , an attacker can use the vulnerability to obtain control of the server...

Hurricane CMS 1.1.0 SQL Injection Vulnerability in Backend

Hurricane CMS is an open source CMS system, features all open source, efficient and convenient secondary development, simple background, plug-in categorization, adapt to various types of websites to expand the construction. Hurricane CMS1.1.0 background SQL injection vulnerability , attackers can...

file upload vulnerability in semcms PHP version 2.0 backend

SemCms is a set of open source foreign trade enterprise website management system, mainly for foreign trade enterprises, compatible with IE, Firefox, google, 360 and other mainstream browsers semcms foreign trade website PHP version 2.0 background file upload vulnerability , attackers can use the...

Extreme cms suffers from SQL injection vulnerability (CNVD-2021-35733)

Extreme cms is an open source web content management system developed by Langfang Extreme Networks Technology Co. Extreme cms SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...

Remote Clinic Cross-Site Scripting Vulnerability (CNVD-2021-28262)

Remote Clinic is an open source clinic management system that allows you to remotely manage your clinic via the Web. A cross-site scripting vulnerability exists in Remote Clinic v2.0. The vulnerability can be exploited to inject arbitrary script or html via the "fever" or "blood pressure" field i...

SEMCMS suffers from SQL injection vulnerability (CNVD-2021-29213)

SEMCMS is a self-developed open source online store btc system. SEMCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

SEMCMS suffers from SQL injection vulnerability (CNVD-2021-29130)

SEMCMS is a self-developed open source online store btc system. SEMCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

SEMCMS suffers from SQL injection vulnerability (CNVD-2021-29208)

SEMCMS is a self-developed open source online store btc system. SEMCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Ke361 Backend Me***.cl***.php

Ke361 is an open source Taobao system, based on the latest ThinkPHP3.2 version of the development, to provide a more convenient and secure WEB application development experience, the Taobao system adopts a new architectural design and namespace mechanism, the integration of modular, driven and...

RGCMS has a file inclusion vulnerability

RGCMS is an open source building management system. RGCMS has a file inclusion vulnerability that can be exploited by an attacker to gain server privileges...