207 matches found
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which stems from improper manipulation of the message/error parameter in the file /fladmin/jump.php, and is susceptible to cross-site scripting attacks...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in native-php-cms version 1.0, which originates from improper authorization in the file /fladmin/sysconfigdoedit.php in the Backend component...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in native-php-cms version 1.0, which originates from the parameter username in the file /fladmin/login.php that can cause SQL injection...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which stems from improper handling in the file /fladmin/userrecoverpwd.php, which could lead to the use of default credentials...
PT-2025-3920 · Fanli2012 · Native-Php-Cms
Name of the Vulnerable Software and Affected Versions: Fanli2012 native-php-cms version 1.0 Description: A critical issue has been found in the processing of the file /fladmin/article dodel.php. The manipulation of the id argument leads to SQL injection. The attack may be initiated remotely. The...
PT-2025-3916 · Fanli2012 · Native-Php-Cms
Name of the Vulnerable Software and Affected Versions: Fanli2012 native-php-cms version 1.0 Description: A critical issue has been found in the software, affecting an unknown functionality of the file /fladmin/login.php. The manipulation of the username argument leads to SQL injection. This issue...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which stems from a parameter id in the file /fladmin/friendlinkdodel.php that can lead to SQL injection...
native-php-cms 安全漏洞
native-php-cms is a website builder for FLi individual developers. A security vulnerability exists in native-php-cms version 1.0, which stems from a parameter cat in the file productlist.php that can cause SQL injection...
wtcms 安全漏洞
wtcms is a ThinkPHP-based content management system CMS. A cross-site scripting vulnerability exists in version 1.0 of wtcms, which stems from unprocessed application parameters in the plupload method in the file AssetController.class.php, and can be exploited by an attacker to execute arbitrary...
Desdev DedeCMS 跨站请求伪造漏洞
Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open source content management system CMS from China's Desdev Network Desdev. The system has content publishing, content management, content editing and content retrieval functions. A cross-site request forgery vulnerability...
Emlog Cross-Site Scripting Vulnerability (CNVD-2023-36305)
emlog is a PHP and MySQL based CMS builder for emlog personal developers. A cross-site scripting vulnerability exists in Emlog Pro v2.0.3. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary We...
CLTPHP 代码问题漏洞
CLTPHP is an open source PHP content management system for efficient website building. A security vulnerability exists in CLTPHP 6.0 and earlier versions, which originates from an attacker being able to upload dangerous types of files without restriction via...
CVE-2021-36503
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...
CVE-2021-36503
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...
CVE-2021-36503
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...
native-php-cms SQL注入漏洞
native-php-cms is a website builder for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which is caused by SQL injection and can be exploited by an attacker to run arbitrary SQL commands via the cat parameter in the /list.php file...
CVE-2021-36503
CVE-2021-36503 is a SQL injection vulnerability affecting native-php-cms version 1.0. The issue allows remote attackers to execute arbitrary SQL commands by supplying crafted input to the cat parameter of the /list.php endpoint. The CVSS v3.1 base score is 9.8 (CRITICAL) with Network attack vecto...
PT-2023-12281 · Unknown · Native-Php-Cms
Name of the Vulnerable Software and Affected Versions: native-php-cms version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the cat parameter in the /list.php file, enabling attackers to inject malicious SQL code...
CVE-2021-36503
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...
CVE-2022-26613
PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability via the category parameter in categorymenu.php...