Strapi Security Vulnerabilities
Strapi is an open source content management system (CMS). A security vulnerability exists in Strapi version 4.24.4: the component /strapi.io/next/image contains a server-side request forgery (SSRF) flaw, which could allow an attacker to scan for open ports or access sensitive information...
PT-2023-8104 · Otcms · Otcms
Name of the Vulnerable Software and Affected Versions: OTCMS version 7.01 Description: A critical issue was found in OTCMS, related to the lack of protection for the SQL query structure. This allows a remote attacker to gain unauthorized access to protected information. The issue is associated wi...
Bludit Cross-Site Scripting Vulnerability
Bludit is an open source lightweight blog content management system (CMS). A cross-site scripting vulnerability exists in BluditCMS version v.3.14.1. An attacker can exploit this vulnerability to execute arbitrary code...
OpenRapid RapidCMS SQL Injection Vulnerability
OpenRapid RapidCMS is a fast and easy-to-use open source CMS from OpenRapid. A SQL injection vulnerability exists in OpenRapid RapidCMS version 1.3.1, which stems from improper handling of the parameter id and can lead to SQL injection...
Yzmcms Cross-Site Request Forgery Vulnerability (CNVD-2023-64113)
Yzmcms is an open source content management system (CMS). A cross-site request forgery vulnerability exists in yzmcms version 5.6. The vulnerability stems from the program not adequately verifying whether a request comes from a trusted user; an attacker can use this vulnerability to...
Adrian indico Cross-Site Scripting Vulnerability
Adrian indico is an open source application from Adrian, a hierarchical content management system. A cross-site scripting vulnerability exists in versions prior to Adrian indico 3.2.6, which are vulnerable to cross-site scripting attacks...
PT-2023-23778 · Otcms · Otcms
Name of the Vulnerable Software and Affected Versions: OTCMS versions up to 6.62 Description: A vulnerability was found in OTCMS, affecting some unknown functionality of the file "/admin/read.php?mudi=announContent". The manipulation of the url argument leads to path traversal. The exploit has be...
Ariadne Component Library Code Issue Vulnerability
Ariadne Component Library is an open source set of URL, HTTP and XSS components for Ariadne CMS. A code issue vulnerability exists in Ariadne Component Library version 2.x and prior versions. An attacker could exploit this vulnerability to perform server-side request forgery attacks...
XunRuiCMS Cross-Site Request Forgery Vulnerability
XunRuiCMS is an open source content management system (CMS) from China's XunRuiCloud Software Development Company. A security vulnerability exists in XunRuiCMS version V4.5.6, which originates from the presence of cross-site request forgery (CSRF)...
forkcms SQL Injection Vulnerability
forkcms is an open source CMS that uses Symfony components. forkcms is vulnerable to SQL injection, which can be exploited by attackers to tamper with database data...
Jspxcms Code Issue Vulnerability
UJCMS Jspxcms is a scalable enterprise-class open source web content management system (CMS) from China's BlueIntelligence Technology Corporation. A code issue vulnerability exists in Jspxcms, which stems from a vulnerability in $freemarker.template.utility.Execute?new in UJCMS Jspxcms v10.2.0 that...
CVE-2022-21644 SQL Injection via search in USOC
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. Search terms provided by the user were not sanitized and were used directly to construct a SQL statement. The only users permitted to search are site admins. Users are...
Jizhicms Code Issue Vulnerability
JIZHICMS (Extreme CMS) is an open source content management system (CMS) from China's Extreme Networks Technology Company. A security vulnerability exists in Jizhicms v1.5; attackers can take advantage of the vulnerability through the special .jpg fil...
Electron Technologies FZC PopojiCMS Path Traversal Vulnerability
Electron Technologies FZC PopojiCMS is an open source content management system (CMS) from Electron Technologies FZC based on the Popoji framework. A path traversal vulnerability exists in Electron Technologies FZC PopojiCMS. No detailed vulnerability details are available at this time...
Pixelimity Cross-Site Scripting Vulnerability
Pixelimity is a PHP-based open source content management system (CMS). Pixelimity 1.0 suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data in the web application. An attacker can exploit this vulnerability to execute client-side code...
PluXml Cross-Site Scripting Vulnerability
PluXml is a free and open source content management system that does not require a database to work. A cross-site scripting vulnerability exists in PluXML, which stems from a stored XSS flaw in the Article Editing feature of PluXML 5.8.7 that can be exploited via headers or content...
xyhcms Cross-Site Request Forgery Vulnerability (CNVD-2021-50087)
xyhcms is a completely open source content management system (CMS) that is simple, easy to use, secure, stable and free. xyhcms V3.6 has a security vulnerability that can be exploited by an attacker to edit any information about an administrator, such as name, email and password...
SQL Injection Vulnerability in KingCMS
KingCMS is an open source content management system (CMS). KingCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
YzmCMS Cross-Site Scripting Vulnerability (CNVD-2021-47391)
Yzmcms is an open source content management system (CMS) for Yzmcms individual developers. A cross-site scripting vulnerability exists in yzmcms v5.2, which can be exploited by a remote attacker to inject commands into the "referer" field of a POST request to the component "member index login.html"...
WellCMS File Upload Vulnerability
WellCMS is an open source, lightweight, mobile-oriented CMS designed for high load, with billion-level load capacity and ultra-fast response, and is presented as the best choice of light CMS for sites with large amounts of data and highly concurrent access. It is described as safe, efficient, stable, ultra-fast and capable of very heavy load. A...