4 matches found
Bolt CMS Cross-Site Scripting Vulnerability (CNVD-2024-35159)
Bolt CMS is Bolt CMS open source PHP-based open source content management system . A cross-site scripting vulnerability exists in Bolt CMS version 3.7.1, which stems from the parameter body in the file /preview/page can lead to cross-site scripting. No detailed vulnerability details are currently...
Textpattern CMS Information Disclosure Vulnerability
Textpattern CMS is a Php-based content management system from the Textpattern team. An information disclosure vulnerability exists in Textpattern CMS v4.8.7 and prior versions, which stems from the application transmitting cookies used in HTTPS session transfers in plaintext. An attacker can...
FDCMS SQL Injection Vulnerability
FDCMS is a PHP-based content management system of Sichuan Method Digital Technology Co. A SQL injection vulnerability exists in FDCMS version 4.0. An attacker can use this vulnerability to inject malicious SQL via Admin/Lib/Action/FloginAction.class.php to obtain database records...
Pluck CMS suffers from a file upload vulnerability (CNVD-2021-40249)
Pluck CMS is a PHP-based content management system. Pluck CMS suffers from a file upload vulnerability that can be exploited by an attacker to upload a webshell and gain server privileges...