10 matches found
CVE-2020-12704
UliCMS before 2020.2 has PageController stored XSS...
EUVD-2020-4992
Malware in sbrugna...
Arbitrary File Upload
Overview showdoc/showdoc is a tool for an IT team to share documents online. Affected versions of this package are vulnerable to Arbitrary File Upload due to the uploadImg method in the PageController class, which improperly validates file extensions. An attacker can execute arbitrary code by...
PT-2025-9684 · Unknown · Xxyopen Novel-Plus
Name of the Vulnerable Software and Affected Versions: xxyopen novel plus versions prior to 4.4.0 Description: The issue allows a remote attacker to execute arbitrary code via the PageController.java file. Recommendations: For versions prior to 4.4.0, update to a version that contains a fix for...
CVE-2020-12704
UliCMS before 2020.2 has PageController stored XSS...
CVE-2020-12704
UliCMS before 2020.2 has PageController stored XSS...
Cross site scripting
UliCMS before 2020.2 has PageController stored XSS...
CVE-2020-12704
UliCMS before 2020.2 has PageController stored XSS...
Frog CMS 0.9.5 - Multiple Vulnerabilities
Vulnerability ID: HTB22685 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinfrogcms.html Product: Frog CMS Vendor: Philippe Archambault http://www.madebyfrog.com/ Vulnerable Version: 0.9.5 and probably prior versions Vendor Notification: 09 November 2010 Vulnerability Type: CSRF Cross-Site...
CVE-2006-1294
PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter...