7 matches found
FineCMS <5.0.9 - Open Redirect
FineCMS 5.0.9 contains an open redirect vulnerability via the url parameter in a sync action. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2017-11586 info: name: FineCMS 5.0.9 - Open...
Malicious code in secrets-sync-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ad5dd7927bcd89b1f83ce52eaf883a861ff2178c8f2fad548584c722e3b96ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5993 Malicious code in secrets-sync-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ad5dd7927bcd89b1f83ce52eaf883a861ff2178c8f2fad548584c722e3b96ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Code injection
dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action, related to controllers/Weixin.php...
CVE-2017-11586
dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action, related to controllers/Weixin.php...
CVE-2017-11586
FineCMS 5.0.9 contains an open redirect vulnerability exploitable via the url parameter in a sync action, linked to controllers/Weixin.php. The NVD entry CVE-2017-11586 documents URL Redirector Abuse with CVSS 3.0 score 6.1 (NETWORK, PR:N, UI:R). Nuclei templates corroborate an open redirect cond...
CVE-2017-11586
dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action, related to controllers/Weixin.php...