Cicada-known CMS v5. 6 user-deny-reflective XSS vulnerability

Vulnerability overview Cicada-known open source version of the CMS v5. 6 in the user module of the deny method to render the template file, for user input of parameters for rendering, and not handled correctly, can lead to bypassing some of the filter, thereby causing the reflective XSS the...

Cicada-known Enterprise Portal system v2. 5 sql injection to admin-vulnerability warning-the black bar safety net

The problem is when the user modifies the information of the place /system/module/user/control.php public function edit$account = " if!$ account or RUNMODE == 'front' $account = $this-app-user-account; if$this-app-user-account == 'guest' $this-locateinlink'login'; if! empty$POST...