PHPMyWind Arbitrary Code Execution Vulnerability (CNVD-2018-19540)

PHPMyWind is a set of PHP and MySQL-based and W3C-compliant enterprise website building solutions. A security vulnerability exists in the admin/webconfig.php file in PHPMyWind version 5.5. A remote attacker can exploit this vulnerability to execute arbitrary code with the help of the varvalue fie...

PHPMyWind Cross-Site Scripting Vulnerability (CNVD-2018-19539)

PHPMyWind is a set of PHP and MySQL-based and W3C-compliant enterprise website building solutions. A cross-site scripting vulnerability exists in PHPMyWind version 5.5. A remote attacker can exploit this vulnerability to obtain an administrator cookie and perform other actions with the help of th...

Arbitrary File Deletion Vulnerability in PHPMyWind Backend Database Management System

PHPMyWind is a PHP+MySQL based, W3C compliant website building engine for enterprise level website building. An arbitrary file deletion vulnerability exists in the PHPMyWind backend database management. An attacker can exploit the vulnerability to delete arbitrary files...

Code Execution Vulnerability in PHPMyWind v5.5

PHPMyWind is a PHP MySQL-based development , W3C-compliant building engine . A code execution vulnerability exists in PHPMyWind v5.5. The vulnerability originates from updating variables in the cache file, bypassing the filter, continue to generate custom code files, an attacker can exploit the...

Code Execution Vulnerability in PHPMyWind v5.5

PHPMyWind is a PHP MySQL-based development , W3C-compliant building engine . A code execution vulnerability exists in PHPMyWind v5.5. An attacker can exploit the vulnerability to execute arbitrary code...

Code Execution Vulnerability in PHPMyWind v5.5 Backend

HPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A code execution vulnerability exists in the backend of PHPMyWind v5.5. An attacker can exploit the vulnerability to execute code when configuring product parameters...

Stored Cross-Site Scripting Vulnerability in PHPMyWind v5.5 Backend

HPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A stored cross-site scripting vulnerability exists in the backend of PHPMyWind v5.5. An attacker can insert malicious js code into the page to obtain user cookies and other information, resulting in user...

SQL Injection Vulnerability in PHPMyWind

HPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . There is a SQL injection vulnerability in PHPMyWind, which can be exploited by attackers to obtain sensitive information in the database, resulting in information leakage and operational security risks...

PHPMyWind 5.5前台存在sql注入，可重置管理员密码

...

PHPMyWind Cross-Site Scripting Vulnerability (CNVD-2018-15387)

PHPMyWind is a PHP + MySQL based development , W3C compliant site building engine for enterprise-level site building . A cross-site scripting vulnerability exists in PHPMyWind version 5.5. A remote attacker can exploit this vulnerability by sending the 'cid' parameter to the newsshow.php page or ...

Design/Logic Flaw

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...

CVE-2018-11487

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...

CVE-2018-11487

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...

CVE-2018-11487

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...

CVE-2018-11487

CVE-2018-11487 affects PHPMyWind 5.5 with reflected Cross-Site Scripting (XSS) via the cid parameter to newsshow.php or via a query string to news.php or about.php. The vulnerability allows an attacker to inject and execute script in a victim’s browser when the affected pages are loaded. Root cau...

Code Execution Vulnerability in PHPMyWind v5.4

PHPMyWind is a PHP MySQL-based development , W3C-compliant building engine . A code execution vulnerability exists in PHPMyWind v5.4. PHPMyWind can be exploited to execute arbitrary code when implementing the generation of cache configuration files...

SQL Injection Vulnerability in PHPMyWind member.php File

PHPMyWind is a PHP MySQL-based development , W3C-compliant building engine . A SQL injection vulnerability exists in the PHPMyWind member.php file. The vulnerability is due to the $sql variable being passed in directly by a parameter, allowing an attacker to exploit the vulnerability to obtain...

SQL Injection Vulnerability in PHPMyWind

HPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . PHPMyWind has a SQL injection vulnerability that can be exploited by attackers to access or modify database data...

Arbitrary Password Reset Vulnerability in PHPMyWind v5.4

PHPMyWind is a PHP MySQL-based development , W3C-compliant building engine . An arbitrary password reset vulnerability exists in PHPMyWind v5.4. An attacker can exploit this vulnerability to reset a user's password...

phpmywind background arbitrary file deletion

No description provided by source...