21 matches found
EUVD-2018-13032
Malware in sbrugna...
EUVD-2018-11029
Malware in sbrugna...
EUVD-2020-10953
Malware in sbrugna...
EUVD-2022-51726
Malicious code in bioql PyPI...
CVE-2022-4377
A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched...
CVE-2020-19158
Cross Site Scripting XSS in S-CMS build 20191014 and earlier allows remote attackers to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin//app/config/'...
CVE-2019-17368
S-CMS v1.5 has XSS in tpl.php via the member/memberlogin.php from parameter...
CVE-2023-29962
S-CMS v5.0 was discovered to contain an arbitrary file read vulnerability...
CVE-2023-7191 S-CMS reg.php sql injection
A vulnerability, which was classified as critical, was found in S-CMS up to 2.0build20220529-20231006. This affects an unknown part of the file member/reg.php. The manipulation of the argument Mlogin/Memail leads to sql injection. The exploit has been disclosed to the public and may be used. The...
CVE-2023-7189
A vulnerability classified as critical was found in S-CMS up to 2.0build20220529-20231006. Affected by this vulnerability is an unknown functionality of the file /s/index.php?action=statistics. The manipulation of the argument lid leads to sql injection. The exploit has been disclosed to the publ...
CVE-2023-51050
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Aproductauth parameter at /admin/ajax.php...
Sql injection
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Aproductauth parameter at /admin/ajax.php...
S-CMS Security Vulnerabilities
S-CMS is a PHP and MySQL based Content Management System CMS from S-CMS China. A security vulnerability exists in S-CMS v5.0, which originates from the discovery of an SQL injection vulnerability via the Aproductauth parameter in /admin/ajax.php...
CVE-2023-29963
S-CMS v5.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the component /admin/ajax.php...
CVE-2022-4377
A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched...
CVE-2022-23336
S-CMS v5.0 was discovered to contain a SQL injection vulnerability in memberpay.php via the Oid parameter...
Unauthorized access vulnerability in S-CMS enterprise website building system (CNVD-2021-00044)
S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. There is an unauthorized access vulnerability in S-CMS, which can be exploited by an attacker to gain administrator privileges witho...
CVE-2018-20478
An issue was discovered in S-CMS 1.0. It allows reading certain files, such as PHP source code, via the admin/download.php DownName parameter with a mixed-case extension, as demonstrated by a DownName=download.Php value...
S-CMS Cross-Site Request Forgery Vulnerability
S-CMS is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise to provide solutions to build a station of the product. S-CMS 1.5 there is a cross-site request forgery vulnerability, attackers can add new users through admin/ajax.php?type=member&action=add URI to take...
S-CMS V3.0 build20170601 has an arbitrary file download vulnerability
S-CMS is a corporate website building system developed by Zibo Shining Network Technology Co. S-CMS V3.0 build20170601 '/admin/download.asp' page has an arbitrary file download vulnerability, allowing attackers to exploit the vulnerability to download database information...