
35 matches found

RedhatCVE
added 2026/06/08 2:58 a.m. · 12 views

CVE-2026-11439

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5 CVSS · 6.1 AI score · 0.00214 EPSS
Exploits: 0 · References: 1
Cvelist
added 2026/06/06 5:15 p.m. · 28 views

CVE-2026-11439 theonedev Parent Project projects improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5 CVSS · 0.00214 EPSS
Exploits: 0 · References: 6
CNNVD
added 2026/06/06 12:0 a.m. · 6 views

OneDev Authorization Issue Vulnerability

OneDev is a Java-based multi-functional DevOps platform developed by the Theonedev team. This platform supports container building, orchestration, CI, Git management, and team collaboration, helping developers create a simple yet powerful development platform. Versions of OneDev prior to 15.0.5 have...

6.5 CVSS · 6.5 AI score · 0.00214 EPSS
Exploits: 0 · References: 7
Positive Technologies
added 2026/05/06 12:0 a.m. · 11 views

PT-2026-38228

Name of the Vulnerable Software and Affected Versions: Masa CMS versions prior to 7.2.10; Masa CMS versions prior to 7.3.15; Masa CMS versions prior to 7.4.10; Masa CMS versions prior to 7.5.3. Description: The cTrash.restore function fails to properly validate anti-CSRF (Cross-Site Request Forgery) toke...

8.7 CVSS · 5.7 AI score · 0.00151 EPSS
Exploits: 0 · References: 3
CNNVD
added 2026/05/06 12:0 a.m. · 7 views

Masa CMS Cross-Site Request Forgery Vulnerability

Masa CMS is a digital experience platform operated by the Masa CMS organization. Versions of Masa CMS 7.5.2 and earlier contain a cross-site request forgery vulnerability. This vulnerability stems from the cTrash.restore function not properly verifying the anti-CSRF token, allowing attackers to...

8.7 CVSS · 5.7 AI score · 0.00151 EPSS
Exploits: 0 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2018-11449

Malware in sbrugna...

6.1 CVSS · 6.3 AI score · 0.01081 EPSS
Exploits: 2 · References: 4
EUVD
added 2025/10/07 12:30 a.m. · 6 views

EUVD-2006-5942

Malware in sbrugna...

7.5 CVSS · 6.4 AI score · 0.01401 EPSS
Exploits: 1 · References: 7
RedhatCVE
added 2025/05/23 6:16 a.m. · 6 views

CVE-2024-48238

WTCMS 1.0 is vulnerable to SQL Injection in the editpost method of /Admin\Controller\NavControl.class.php via the parentid parameter...

4.7 CVSS · 8.1 AI score · 0.00278 EPSS
Exploits: 1 · References: 1
NVD
added 2024/10/25 10:15 p.m. · 18 views

CVE-2024-48238

WTCMS 1.0 is vulnerable to SQL Injection in the editpost method of /Admin\Controller\NavControl.class.php via the parentid parameter...

4.7 CVSS · 0.00278 EPSS
Exploits: 1 · References: 1
OSV
added 2024/10/25 10:15 p.m. · 4 views

CVE-2024-48238

WTCMS 1.0 is vulnerable to SQL Injection in the editpost method of /Admin\Controller\NavControl.class.php via the parentid parameter...

4.7 CVSS · 5.8 AI score · 0.00278 EPSS
Exploits: 1 · References: 1
Vulnrichment
added 2024/10/25 12:0 a.m. · 11 views

CVE-2024-48238

WTCMS 1.0 is vulnerable to SQL Injection in the editpost method of /Admin\Controller\NavControl.class.php via the parentid parameter...

8.3 AI score · 0.00278 EPSS
Exploits: 1 · References: 1
CVE
added 2024/10/25 12:0 a.m. · 54 views

CVE-2024-48238

CVE-2024-48238 affects WTCMS 1.0. The vulnerability is a SQL injection in the edit_post functionality implemented in /Admin/Controller/NavControl.class.php via the parentid parameter. The Red Hat, NVD, and CVE listings corroborate the same description. Affected component: WTCMS 1.0; vulnerability typ...

4.7 CVSS · 7.7 AI score · 0.00278 EPSS
Exploits: 1 · References: 1 · Affected Software: 1
CNNVD
added 2024/10/25 12:0 a.m. · 3 views

wtcms Security Vulnerability

wtcms is a ThinkPHP-based content management system (CMS) by Taosir Personal Developer. A security vulnerability exists in version 1.0 of wtcms, which stems from vulnerability to SQL injection attacks via the parentid parameter in file /AdminControllerNavControl.class.php...

4.7 CVSS · 7.8 AI score · 0.00278 EPSS
Exploits: 1 · References: 1
Positive Technologies
added 2024/10/25 12:0 a.m. · 7 views

PT-2024-33049 · Wtcms · Wtcms

Name of the Vulnerable Software and Affected Versions: WTCMS version 1.0 Description: The issue concerns SQL Injection in the edit post method of the /Admin/Controller/NavControl.class.php file via the parentid parameter. This allows for potential exploitation. Recommendations: For WTCMS version...

4.7 CVSS · 8.2 AI score · 0.00278 EPSS
Exploits: 1 · References: 4
Cvelist
added 2024/10/25 12:0 a.m. · 17 views

CVE-2024-48238

WTCMS 1.0 is vulnerable to SQL Injection in the editpost method of /Admin\Controller\NavControl.class.php via the parentid parameter...

0.00278 EPSS
Exploits: 1 · References: 1
OSV
added 2023/12/10 4:15 p.m. · 2 views

CVE-2023-6655

A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...

9.8 CVSS · 5.7 AI score
Exploits: 0 · References: 3
Prion
added 2023/12/10 4:15 p.m. · 20 views

SQL injection

A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...

7.5 CVSS · 7.6 AI score · 0.03766 EPSS
Exploits: 1 · References: 3 · Affected Software: 1
CNNVD
added 2023/12/10 12:0 a.m. · 3 views

Hongjing e-HR SQL Injection Vulnerability

Hongjing e-HR is a human resource management system from Hongjing, China. A SQL injection vulnerability exists in Hongjing e-HR version 2020, which is caused by a SQL injection vulnerability in the parameter parentid...

9.8 CVSS · 8 AI score · 0.03766 EPSS
Exploits: 1 · References: 4
OSV
added 2022/05/26 12:1 a.m. · 20 views

GHSA-HC72-VJ3G-5G2G Cross-site Scripting in ZKEACMS

A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter...

5.4 CVSS · 5.2 AI score · 0.00461 EPSS
Exploits: 1 · References: 4
ATTACKERKB
added 2022/05/25 1:15 a.m. · 2 views

CVE-2022-29362

A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter...

5.4 CVSS · 6.2 AI score · 0.00461 EPSS
Exploits: 1 · References: 2