EUVD-2006-3016

Malware in sbrugna...

phpCMS SQL Injection Vulnerability (CNVD-2021-49040)

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. A SQL injection vulnerability exists in phpCMS. The vulnerability stems from the diggadd.php file not handling the diggmod...

phpcms directory traversal vulnerability

phpcms is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information, products and so on. A path traversal vulnerability exists in phpcms version 9.1.13. An attacker can exploit this vulnerability to perform...

phpcms 2 0 0 7 onunload. inc. php page to an update-type implant is attached using the EXP-bug warning-the black bar safety net

Download a set of phpcms 2 0 0 7 analysis, in the module\movie\onunload. inc. php found a update type of injection. query"UPDATE ". TABLEMOVIESERVER." SET num = num-1 WHERE serverid = $serverid AND num 0 "; ? $serverid is not any filtering and also not enclosed in single quotation marks, so ignor...

phpcms2008 & phpcms2007 GBK版ask/search_ajax.php SQL注射漏洞

PHPCMS 是国内领先的网站管理系统，同时也是一个开源的PHP开发框架 漏洞文件：ask/searchajax.php code： ?php require './include/common.inc.php'; requireonce MODROOT.'include/ask.class.php'; $ask = new ask; header'Content-type: text/html; charset=utf-8'; ifstrtolowerCHARSET != 'utf-8' $q = iconvCHARSET, 'utf-8', $q; if$q $where = "...

phpcms 2.4 guestbook.php default.php)远程文件包含漏洞

No description provided by source...

CVE-2004-1203

parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web server's installation path...