EUVD-2023-43915
Malicious code in bioql PyPI...
EUVD-2024-53557
Malicious code in bioql PyPI...
EUVD-2023-43917
Malicious code in bioql PyPI...
EUVD-2023-43916
Malicious code in bioql PyPI...
CVE-2024-57252
OtCMS =V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can read system files arbitrarily...
CVE-2023-3241
A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/read.php?mudi=announContent. The manipulation of the argument url leads to path traversal. The exploit has been disclosed to the public and may be...
CVE-2023-3239
A vulnerability, which was classified as problematic, was found in OTCMS up to 6.62. Affected is an unknown function of the file admin/readDeal.php?mudi=readQrCode. The manipulation of the argument img leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be...
CVE-2023-3240
A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNewsdeal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and...
CVE-2018-8973
OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWorddeal.php?mudi=add request...
CVE-2024-57252
OTCMS
CVE-2023-6772
A vulnerability, which was classified as critical, was found in OTCMS 7.01. Affected is an unknown function of the file /admin/indbackstage.php. The manipulation of the argument sqlContent leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2023-6772 OTCMS ind_backstage.php sql injection
A vulnerability, which was classified as critical, was found in OTCMS 7.01. Affected is an unknown function of the file /admin/indbackstage.php. The manipulation of the argument sqlContent leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
PT-2023-23754 · Otcms · Otcms
Name of the Vulnerable Software and Affected Versions: OTCMS versions up to 6.62
Description: A critical issue was discovered, affecting unknown code. The manipulation of the username and password arguments with the input admin leads to the use of a hard-coded password.
Recommendations: For OTCMS...
XSS Vulnerability in otcms v2.5.6
Net Titanium Article Management System OTCMS is a simple and good ASP article management system. An XSS vulnerability exists in otcms v2.5.6. An attacker can exploit this vulnerability to obtain sensitive information...