19 matches found
CVE-2023-53927
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections,...
CVE-2023-53926
PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database...
EUVD-2023-60204
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections,...
EUVD-2023-60205
PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database...
CVE-2023-53927
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections,...
CVE-2023-53927
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections,...
CVE-2023-53926
PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database...
CVE-2023-53926
PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database...
CVE-2023-53927 PHPJabbers Simple CMS 5.0 Stored Cross-Site Scripting via Section Creation
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections,...
CVE-2023-53927 PHPJabbers Simple CMS 5.0 Stored Cross-Site Scripting via Section Creation
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections,...
CVE-2023-53926 PHPJabbers Simple CMS 5.0 SQL Injection via Column Parameter
PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database...
CVE-2023-53926 PHPJabbers Simple CMS 5.0 SQL Injection via Column Parameter
PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database...
CVE-2023-53926
CVE-2023-53926 affects PHPJabbers Simple CMS 5.0. A SQL injection in the 'column' parameter of the index.php endpoint can allow remote attackers to manipulate queries and potentially extract or modify database information. The vulnerability is documented across multiple sources (including RH, NVD...
PHPJabbers Simple CMS 跨站脚本漏洞
PHPJabbers Simple CMS is an open source content management system from PHPJabbers. A cross-site scripting vulnerability exists in PHPJabbers Simple CMS version 5.0, which originates from an authenticated attacker being able to inject malicious script via the section name parameter, potentially...
PT-2025-51965
Name of the Vulnerable Software and Affected Versions PHPJabbers Simple CMS version 5.0 Description The software contains a stored cross-site scripting issue. Authenticated attackers can inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScri...
PHPJabbers Simple CMS SQL注入漏洞
PHPJabbers Simple CMS is a PHPJabbers open source content management system. A SQL injection vulnerability exists in PHPJabbers Simple CMS version 5.0, which originates from a SQL injection in the column parameter of the index.php endpoint, which may result in database information being extracted...
PHPJabbers Simple CMS 5.0 Cross Site Scripting
Exploit Title: PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting XSS Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Steps to Reproduce - Please...
PHPJabbers Simple CMS 5.0 - SQL Injection Vulnerability
Exploit Title: PHPJabbers Simple CMS 5.0 - SQL Injection Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Request GET...
PHPJabbers Simple CMS 5 - (name) Persistent Cross-Site Scripting Vulnerability
Exploit Title: PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting XSS Google Dork: subtitle:Copyright © 2021 PHPJabbers.com Date: 2021-10-28 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/...