Lucene search
K

544 matches found

CNVD
CNVD
added 2021/07/06 12:0 a.m.10 views

Information Disclosure Vulnerability in ESPCMS Professional Edition

ESPCMS is a PHP MYSQL based enterprise building management system. An information disclosure vulnerability exists in ESPCMS Professional, which can be exploited by attackers to obtain sensitive information...

6.5AI score
Exploits0
CNVD
CNVD
added 2021/07/05 12:0 a.m.2 views

Command Execution Vulnerability in Oracle's Website Marketing System

Oxbridge Website Marketing System is an open source content management system, the product is based on PHP+MYSQL architecture, and can run on Windows, Linux, MacOSX, Solaris and other various platforms. Oxbones Website Marketing System has a command execution vulnerability that can be exploited b...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/07/05 12:0 a.m.5 views

File Upload Vulnerability in Oracle Website Marketing System

Oxbridge Website Marketing System is an open source content management system, the product is based on PHP+MYSQL architecture, and can run on Windows, Linux, MacOSX, Solaris and other various platforms. Oxbones Website Marketing System has a file upload vulnerability that can be exploited by an...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/07/02 12:0 a.m.17 views

MyuCMS suffers from an arbitrary file read vulnerability (CNVD-2021-49567)

MyuCMS front-end is built with UIkit framework, back-end is built with layui back-end framework and back-end is developed with PHP+MYSQL. MyuCMS has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...

6.9AI score
Exploits0
CNVD
CNVD
added 2021/07/01 12:0 a.m.5 views

SQL Injection Vulnerability in Ai Qing Lemon CMS (CNVD-2021-50624)

Aizumi CMS is a php music website developed with php MySQL. Aizumi CMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/06/28 12:0 a.m.13 views

BlueCMS suffers from a command execution vulnerability (CNVD-2021-48546)

BlueCMS is a portal system applied to local classified information, the development language architecture is php mysql architecture. BlueCMS has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/06/28 12:0 a.m.16 views

BlueCMS suffers from a command execution vulnerability (CNVD-2021-48545)

BlueCMS is a portal system applied to local classified information, the development language architecture is php mysql architecture. BlueCMS has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/06/28 12:0 a.m.6 views

XSS Vulnerability in DHCMS

DHCMS is a content management system based on PHP and MySQL. DHCMS has an XSS vulnerability that can be exploited by attackers to obtain user cookie information...

6.2AI score
Exploits0
CNVD
CNVD
added 2021/06/28 12:0 a.m.13 views

BlueCMS suffers from SQL injection vulnerability (CNVD-2021-48548)

BlueCMS is a portal system applied to local classified information, the development language architecture is php mysql architecture. BlueCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.6AI score
Exploits0
CNVD
CNVD
added 2021/06/28 12:0 a.m.10 views

Command Execution Vulnerability in Man City CMS

Man City CMS program is a set of CI framework for the development of the core, in the PHP + MYSQL environment running under the perfect and powerful rapid station-building system. A command execution vulnerability exists in ManCity CMS, which can be exploited by attackers to cause command executi...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/06/25 12:0 a.m.9 views

GNUBOARD5 cross-site scripting vulnerability (CNVD-2021-45753)

GNUBOARD5 is a Web forum system based on PHP and MySQL. A cross-site scripting vulnerability exists in GNUBOARD5 5.3.2.8 and earlier versions. The vulnerability can be exploited to conduct cross-site scripting attacks via the act parameter in bbs/moveupdate.php...

6.1CVSS6.2AI score0.01055EPSS
Exploits1References1
CNVD
CNVD
added 2021/06/25 12:0 a.m.14 views

phpwcms code injection vulnerability

phpwcms is an open source Web content management system. It is fast, easy to install and runs on any standard web server platform that supports PHP/MySQL. phpwcms suffers from a code injection vulnerability that can be exploited by attackers via /phpwcms/setup/setup.php...

9.8CVSS4.1AI score0.01398EPSS
Exploits1References1
CNVD
CNVD
added 2021/06/23 12:0 a.m.5 views

Textpattern Arbitrary File Upload Vulnerability

Textpattern is a free open source content management system based on PHP and MySQL. Textpattern has an arbitrary file upload vulnerability. An attacker can use the fileinsert function in include/txpfile.php to upload arbitrary files...

9.8CVSS7AI score0.0146EPSS
Exploits1References1
CNVD
CNVD
added 2021/06/21 12:0 a.m.12 views

Aptar CMS has a flawed logic vulnerability

Aptar CMS website management system adopts PHP+MYSQL technology, supports pseudo-static function, can generate google and baidu maps, supports custom url, keywords and description, and facilitates SEO search. Aptar CMS has a logic flaw vulnerability that can be exploited by attackers to compromis...

7AI score
Exploits0
CNVD
CNVD
added 2021/06/17 12:0 a.m.6 views

KuaiFanCMS Arbitrary File Read Vulnerability

KuaiFanCMS later referred to as KF using PHP5 + MYSQL as the technical basis for the development of KF using the Smarty template engine to build a site system. KuaiFanCMS V5 has a security vulnerability, the vulnerability stems from KuaiFanCMS V5 in chakanhtml.module.php file HTML url parameter...

6.5CVSS6.5AI score0.0089EPSS
Exploits1References1
CNVD
CNVD
added 2021/06/15 12:0 a.m.11 views

SQL Injection Vulnerability in RPCMS (CNVD-2021-45386)

RPCMS is a lightweight content management/blogging system based on PHP MYSQL. RPCMS suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

7.8AI score
Exploits0
Kitploit
Kitploit
added 2021/06/14 9:30 p.m.49 views

defenselessV1 - Just Another Vulnerable Web Application

Defenseless is a vulnerable web application written in PHP/MySQL. This is the first version of this application. The purpose of this application is to create security awareness among developers and new guys in application security. It would soon be updated with with more bugs and a new vulnerable...

7.5AI score
Exploits0References2
CNVD
CNVD
added 2021/06/11 12:0 a.m.14 views

YXcms has a directory traversal vulnerability

YXcms is a PHP and MySQL based enterprise building content management system CMS. A directory traversal vulnerability exists in YXcms. An exploiter can use this vulnerability to traverse files on the server to obtain sensitive information...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/06/09 12:0 a.m.6 views

Simple-Log Cross-Site Request Forgery Vulnerability

Simple-Log is an open source free blog system based on PHP+MySQL. A cross-site request forgery vulnerability exists in Simple-Log v1.6, which is caused by Simple-Log not adequately verifying that requests come from trusted users. The vulnerability can be exploited to gain privileges and execute...

8.8CVSS7.8AI score0.01054EPSS
Exploits1References1
CNVD
CNVD
added 2021/06/07 12:0 a.m.11 views

BloofoxCMS Cross-Site Scripting Vulnerability (CNVD-2021-40550)

BloofoxCMS is a free and open source web content management system based on PHP+MySQL. A reflective cross-site scripting vulnerability exists in BloofoxCMS version 0.5.2.1. An attacker can exploit this vulnerability by using the fileurl parameter to conduct cross-site scripting attacks...

5.4CVSS6.1AI score0.00516EPSS
Exploits1References1
Rows per page
Query Builder