30 matches found
EUVD-2017-18187
Malware in sbrugna...
EUVD-2018-20550
Malware in sbrugna...
EUVD-2020-14265
Malware in sbrugna...
EUVD-2023-30950
Malicious code in bioql PyPI...
PT-2024-5174 · Unknown · Tailoring Management System
Name of the Vulnerable Software and Affected Versions: Tailoring Management System version 1.0 Description: A critical issue has been identified in the Tailoring Management System, affecting the setgeneral.php file. This issue is related to the lack of protection against SQL query structure...
ZhiCms 安全漏洞
ZhiCms is a professional buy-worthy system for the ZhiCms community. ZhiCms version 4.0 has a security vulnerability that stems from the parameter sitename in the file app/manage/controller/setcontroller.php that causes code injection...
Automad Code Injection Vulnerability
Automad is a flat file content management system and template engine by Marc Anton Dahmen, an individual developer. A code injection vulnerability exists in Automad 1.10.9 and earlier versions, which stems from a stored cross-site scripting XSS vulnerability in the parameter sitename of the file...
CVE-2023-27170
Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName parameter...
CVE-2023-27170
Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName parameter...
CVE-2023-27170
Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName parameter...
Xpand IT Write-back manager security vulnerability
Xpand IT Write-back manager is an extension for Xpand IT. that allows users to enter data directly from Tableau dashboards into the database. A security vulnerability exists in Xpand IT Write-back manager version v2.3.1, which stems from allowing an attacker to perform directory traversal via the...
CVE-2020-21495
A cross-site scripting XSS vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter...
CVE-2020-21495
A cross-site scripting XSS vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter...
CVE-2020-21495
A cross-site scripting XSS vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter...
MiniCMS Arbitrary PHP Code Execution Vulnerability
MiniCMS is a micro content management system designed for personal websites. An arbitrary PHP code execution vulnerability exists in MiniCMS 1.10. An attacker can exploit this vulnerability to execute arbitrary PHP code via the install.php sitename parameter...
CVE-2018-18892
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the sitename field in mcconf.php...
Code injection
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the sitename field in mcconf.php...
CVE-2018-18892
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the sitename field in mcconf.php...
D-Link Central WiFi Manager Cross-Site Scripting Vulnerability (CNVD-2018-20464)
D-Link Central WiFi Manager is a WiFi management system from AUO D-Link. A cross-site scripting vulnerability exists in the 'sitename' parameter of the UpdateSite endpoint in versions prior to D-Link Central WiFi Manager 1.03r0100-Beta1. A remote attacker can exploit this vulnerability to inject...
CVE-2018-17443
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is vulnerable to stored XSS...