67 matches found
EUVD-2018-3053
Malware in sbrugna...
EUVD-2019-19019
Malware in sbrugna...
EUVD-2018-11432
Malware in sbrugna...
EUVD-2018-11209
Malware in sbrugna...
EUVD-2019-19018
Malware in sbrugna...
CVE-2024-50809
The theme.php file in SDCMS 2.8 has a command execution vulnerability that allows for the execution of system commands...
CVE-2018-19748
app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug=admin=index=attachment= directory traversal. The value of the root parameter must be base64 encoded note that base64 encoding, instead of URL encoding, is very rare in a directory travers...
CVE-2024-50809
The theme.php file in SDCMS 2.8 has a command execution vulnerability that allows for the execution of system commands...
CVE-2024-50809
The theme.php file in SDCMS 2.8 has a command execution vulnerability that allows for the execution of system commands...
CVE-2024-50809
CVE-2024-50809 affects SDCMS 2.8 via a vulnerability in the theme.php file that enables command execution (system commands). Multiple sources (NVD, Red Hat, CNNVD, CVE lists, CIRCL) confirm the vulnerable component; CVSSv3.1 base score is 8.8 (High) with network attack vector, low complexity, and...
CVE-2024-50809
The theme.php file in SDCMS 2.8 has a command execution vulnerability that allows for the execution of system commands...
SQL Injection Vulnerability in SDCMS Backend
SDCMS is a B2C mall website management system independently developed by Vivid Network, PHP four-in-one website management system. There are SQL injection vulnerabilities in the backend of SDCMS. Attackers can use the vulnerability to obtain sensitive information...
Arbitrary File Read Vulnerability in SDCMS
SDCMS is a PHP 3-in-1 website management system. SDCMS has an arbitrary file read vulnerability that can be exploited by an attacker to obtain sensitive server information...
Command execution vulnerability in SDCMS (CNVD-2021-34455)
SDCMS is a PHP 3-in-1 website management system. SDCMS suffers from a command execution vulnerability that can be exploited by an attacker to gain system privileges...
Command Execution Vulnerability in SDCMS-B2C Mall Website Management System (CNVD-2021-25006)
SDCMS-B2C mall website management system integrates city substation, cloud storage, three-level distribution, WeChat public number, combination package, multi-people group and many other functions in one marketing mall management system. SDCMS-B2C Mall Website Management System has a command...
SDCMS has an information leakage vulnerability
SDCMS is a B2C mall website management system independently developed by Vivid Network, PHP four-in-one website management system. SDCMS has an information leakage vulnerability, which can be exploited by attackers to obtain sensitive information...
SQL Injection Vulnerability in SDCMS Backend
SDCMS is a PHP 3-in-1 website management system independently developed by Fireworks Network. SDCMS background SQL injection vulnerability, attackers can use the vulnerability to obtain database information...
Code Execution Vulnerability in SDCMS V1.8
SDCMS is a PHP and MySQL based enterprise station building content management system CMS from China Fireworks Network Technology Company. A code execution vulnerability exists in SDCMS V1.8, which can be exploited by an attacker to gain server privileges...
SDCMS has an xss vulnerability
SDCMS is a PHP and MySQL based enterprise station building content management system CMS from China Fireworks Network Technology Company. An xss vulnerability exists in SDCMS, which can be exploited by an attacker to obtain an administrator cookie...
Code injection
There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter...