CVE-2026-30878

baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...

PT-2026-29149

baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...

baserCMS 安全漏洞

BaserCMS is a corporate-level content management system CMS developed by the baserCMS team. Versions of BaserCMS prior to 5.2.3 contained security vulnerabilities. These vulnerabilities stemmed from defects in the public email submission API, which could allow for bypassing management controls an...

CVE-2010-0471

SQL injection vulnerability in the comment submission interface includes/comment.php in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...

GHSA-6WGJ-66M2-XXP2 Ray has arbitrary code execution via jobs submission API

Anyscale Ray allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment...

Ray has arbitrary code execution via jobs submission API

Anyscale Ray allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment...

Ray Code Issues Vulnerabilities

Ray is a unified framework for scaling AI and Python applications open-sourced by ray-project. A code issue vulnerability exists in Ray version 2.6.3, 2.8.0. A remote attacker could exploit this vulnerability to execute arbitrary code via the Job Submission API...

SQL injection vulnerability in the article submission interface of S-CMS school website builder system

S-CMS school station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. A SQL injection vulnerability exists in the article submission interface of S-CMS School Building System. An attacker can exploit the...

CVE-2018-16278

phpkaiyuancms PhpOpenSourceCMS POSCMS V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajaxsavedraft function with the dir parameter...