400 matches found
EUVD-2023-33492
Malicious code in bioql PyPI...
EUVD-2022-51726
Malicious code in bioql PyPI...
CVE-2023-51051
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Atextauth parameter at /admin/ajax.php...
CVE-2023-51048
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Anewsauth parameter at /admin/ajax.php...
CVE-2023-51049
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Abbsauth parameter at /admin/ajax.php...
CVE-2023-51050
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Aproductauth parameter at /admin/ajax.php...
CVE-2023-51052
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Aformauth parameter at /admin/ajax.php...
CVE-2023-29963
S-CMS v5.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the component /admin/ajax.php...
CVE-2023-29962
S-CMS v5.0 was discovered to contain an arbitrary file read vulnerability...
CVE-2022-4377
A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched...
CVE-2022-23336
S-CMS v5.0 was discovered to contain a SQL injection vulnerability in memberpay.php via the Oid parameter...
CVE-2020-19158
Cross Site Scripting XSS in S-CMS build 20191014 and earlier allows remote attackers to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin//app/config/'...
CVE-2020-20426
S-CMS Government Station Building System v5.0 contains a cross-site scripting XSS vulnerability in /function/booksave.php...
CVE-2020-19954
An XML External Entity XXE vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files...
CVE-2020-20698
A remote code execution RCE vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file...
CVE-2020-20340
A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information...
CVE-2020-20701
A stored cross site scripting XSS vulnerability in /app/config/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2020-20425
S-CMS Government Station Building System v5.0 contains a cross-site scripting XSS vulnerability in the search function...
CVE-2020-20699
A cross site scripting XSS vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings...
CVE-2020-20700
A stored cross site scripting XSS vulnerability in /app/formadd/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Title Entry text box...