PHPCMS SQL Injection Vulnerability (CNVD-2022-43217)

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules for news, images, downloads, information, products, etc. A security vulnerability exists in PHPCMS v1.0, which stems from the category parameter in categorymenu.php. No detailed vulnerabilit...

PHPCMS SQL注入漏洞

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules for news, images, downloads, information, products, and more. PHPCMS suffers from a SQL injection vulnerability, which originates from the lack of validation of externally entered SQL...

Command Execution Vulnerability in PHPCMS

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. PHPCMS has a command execution vulnerability that can be exploited by attackers to gain control of the server...

phpCMS SQL Injection Vulnerability (CNVD-2021-49040)

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. A SQL injection vulnerability exists in phpCMS. The vulnerability stems from the diggadd.php file not handling the diggmod...

XSS vulnerability in Catfish CMS (CNVD-2021-49122)

CatfishCatfish CMS is open source and free PHPCMS web content management system. Catfish CMS has an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...

phpcms directory traversal vulnerability

phpcms is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information, products and so on. A path traversal vulnerability exists in phpcms version 9.1.13. An attacker can exploit this vulnerability to perform...

PHPCMS has a logic flaw vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. PHPCMS has a logic flaw vulnerability that can be exploited by attackers to gain control of the server...

phpcms command injection vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. A command injection vulnerability exists in phpCMS 2008 sp4. An attacker can exploit this vulnerability to execute arbitrary php...

CVE-2020-22203

SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php...

Sql injection

SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php...

CVE-2020-22199

SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the diggmod parameter to diggadd.php...

CVE-2020-22200

Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to publicgetsuggestkeyword...

CVE-2020-22201

phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php...

CVE-2020-22199

SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the diggmod parameter to diggadd.php...

CVE-2020-22200

Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to publicgetsuggestkeyword...

CVE-2020-22201

phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php...

Sql injection

SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the diggmod parameter to diggadd.php...

Directory traversal

Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to publicgetsuggestkeyword...

Design/Logic Flaw

phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php...

CVE-2020-22203

CVE-2020-22203 describes an SQL injection in phpCMS 2008 sp4 via the genre parameter in yp/job.php. The root cause is insecure input handling in that script, enabling attackers to manipulate SQL statements. Impact per the records is high; CVSS v3.1 base score 9.8 (CRITICAL) with network attack, n...