151 matches found
XSS Vulnerability in XYHCMS
Xing Yunhai CMS XYHcms is a completely open source CMS content management system. XYHCMS has an XSS vulnerability that can be exploited by attackers to obtain administrator cookies...
SQL Injection Vulnerability in Yunye CMS Frontend
Yunye cms enterprise building system is developed by php + mysql a set of open source cms dedicated to small and medium-sized enterprise website construction. Yunye CMS front-end SQL injection vulnerability , attackers can exploit the vulnerability to obtain database sensitive information...
HongCMS Cross-Site Scripting Vulnerability (CNVD-2019-36220)
HongCMS is an open source lightweight content management system CMS. A cross-site scripting vulnerability exists in HongCMS. An attacker can exploit this vulnerability to execute client-side code...
HongCMS Cross-Site Scripting Vulnerability (CNVD-2019-36218)
HongCMS is an open source lightweight content management system CMS. A cross-site scripting vulnerability exists in HongCMS. An attacker can exploit this vulnerability to execute client-side code...
LJCMS is vulnerable to XSS (CNVD-2019-41436)
LJCMS is a free and open source content management system. LJCMS suffers from an XSS vulnerability that can be exploited by attackers to inject arbitrary web script or HTML...
HongCMS suffers from an arbitrary file deletion vulnerability (CNVD-2019-40718)
HongCMS is an open source lightweight content management system CMS. HongCMS suffers from an arbitrary file deletion vulnerability. An attacker can exploit this vulnerability to delete arbitrary files...
Unauthorized Access Vulnerability in EmpireCMS
EmpireCMS Empire Content Management System is an open source content management system CMS. EmpireCMS has an unauthorized access vulnerability that can be exploited by attackers to view sensitive information...
WMCMS system backend template list exists arbitrary file deletion vulnerability
WMCMS is based on PHP + MYSQL as the core development, free + open source professional Chinese labeling system. WMCMS system background template list exists arbitrary file deletion vulnerability. Attackers can use the vulnerability to delete arbitrary files, resulting in system reinstallation...
File Inclusion Vulnerability in deituiCMS
deituiCMS is a PHP-based open source content management system. A file inclusion vulnerability exists in deituiCMS, which can be exploited by an attacker to include arbitrary files on the server...
Fedora Update for drupal8 FEDORA-2019-46107f296c
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Code Execution Vulnerability in Polyglot CMS Backend
Polygraph cms is an open source content management system CMS. A code execution vulnerability exists in the back-end of JUCOR cms, which can be exploited by attackers to execute arbitrary code...
CVE-2019-9616
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/ueditor/uploadScrawl URI...
Joomla Zoo by YooTheme Components SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in Joomla Zoo by YooTheme Components. An attacker can exploit this vulnerability to obtain sensitive database information...
SVScanner - Scanner Vulnerability And Massive Exploit
Is a tool for scanning and massive exploits. Our tools target several open source cms. Getting Started with Linux 1. git clone https://github.com/radenvodka/SVScanner.git 2. cd SVScanner 3. php svscanner.php Getting Started with Windows 1. Download Xampp PHP7 2. Download SVScanner :...
Flexo CMS Cross-Site Request Forgery Vulnerability
Flexo CMS is an open source content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in Flexo CMS version 0.1.6. An attacker can exploit this vulnerability to add an administrator account with the help of the /admin/user/add page...
CVE-2018-14069
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add...
POSCMS Code Execution Vulnerability
POSCMS PhpOpenSourceCMS is a set of China Tianrui information technology company based on PHP and MySQL, open source, cross-platform Web content management system CMS. A security vulnerability exists in POSCMS version 3.2.18. A remote attacker can exploit the vulnerability by using the 'add'...
Xing Yunhai CMS (XYHcms) background there are arbitrary file deletion vulnerability
Xing Yunhai CMS XYHcms is a completely open source CMS content management system. XingYunHai CMS XYHcms background there are arbitrary file deletion vulnerability, the vulnerability is due to the system fails to correctly filter the parameters submitted by the user . Attackers can use this...
XYHCMS \App\Runtime\Data\config\site.php page has an arbitrary file write vulnerability
Xing Yunhai CMS XYHcms is a completely open source CMS content management system. XYHCMS \App\Runtime\Data\config\site.php page has an arbitrary file write vulnerability. Attackers use this vulnerability to obtain server privileges by writing Webshell...
Catfish CMS is vulnerable to XSS
Catfish Catfish CMS is an open source PHP CMS web content management system. catfish cms there is an XSS vulnerability, the reason for this vulnerability is not filtered user-submitted data due to the attacker can exploit the vulnerability to implant cross-site code to obtain sensitive informatio...