File upload vulnerability exists in SIYUCMS of Shenyang Dotcom Technology Co. Ltd (CNVD-2020-56662)

SIYUCMS is based on the latest version of ThinkPHP-5.1.X framework, the backend front-end framework using AdminLTE. the core concept of the system is " do the most suitable for the enterprise CMS ". SIYUCMS of Shenyang Dotcom Technology Co., Ltd. has a file upload vulnerability, which can be...

File Read Vulnerability in KiteCMS Backend

KiteCMS open source web content management system CMS, the system is based on the framework ThinkPHP 5.1. version of the development, applicable to individuals and enterprises to quickly build a station and development needs. KiteCMS backend file reading vulnerability , attackers can use the...

Code Execution Vulnerability in KiteCMS Backend

KiteCMS open source web content management system CMS, the system is based on the framework ThinkPHP5.1. version of the development , applicable to individuals and enterprises to quickly build stations and development needs. Provide website templates for various industries , the system uses a...

XSS Vulnerability in HulaCWMS

HulaCWMS is developed on ThinkPHP5 framework and includes all the features of ThinkPHP5. HulaCWMS has an XSS vulnerability that can be exploited by an attacker to obtain sensitive information such as user cookies...

TuziCMS v3.0 Ma*** Gu***.cl***.php suffers from SQL injection vulnerability

TuziCMS is an enterprise website management system based on ThinkPHP 3.2 framework. TuziCMS v3.0 Ma Gu.cl.php suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information about the database...

Command Execution Vulnerability in Guojiz International Website Navigation System

Guojiz International Website Navigation System is a navigation system based on thinkphp. A command execution vulnerability exists in Guojiz International Website Navigation System, which can be exploited by an attacker to gain server control privileges...

File upload vulnerability exists in BeyongCms (CNVD-2020-31489)

BeyongCms is a content management system based on ThinkPHP 5.1 framework. A file upload vulnerability exists in BeyongCms. An attacker can exploit this vulnerability to upload malicious files and gain administrative privileges on the server...

Arbitrary File Deletion Vulnerability in DSCMS Enterprise Content Management System

DSCMS is Changsha Deshaun network based on ThinkPHP5.0 framework development, using PHP + Mysql architecture, is a suitable for the construction of enterprise website cms station building system features a comprehensive SEO-friendly dual-language open source CMS system. DSCMS enterprise station...

EyouCms suffers from SQL injection vulnerability (CNVD-2020-02271)

EyouCms is a free + open source enterprise content management system developed on the core of TP5.0 framework. EyouCms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive database information...

Command Execution Vulnerability in EyouCMS v1.4.1

EyouCms is based on TP5.0 framework for the core development of free + open source enterprise content management system , focusing on enterprise station user needs . EyouCMS v1.4.1 there is a command execution vulnerability , attackers can exploit the vulnerability to execute any system command t...

Code Execution Vulnerability in KiteCMS Backend

KiteCms is an open source content management system based on ThinkPHP 5.0.9. A code execution vulnerability exists in the KiteCMS backend. An attacker can construct a directory structure to execute arbitrary code and gain server privileges...

Code Execution Vulnerability in E-House CMS

E-House cms real estate website system is mainly for the real estate industry development of real estate website system, to thinkphp5.0 as the core development. E-House CMS has a code execution vulnerability that can be exploited by attackers to inject malicious code and execute it to gain contro...

LaySNS has an xss vulnerability

LaySNS is a lightweight, ThinkPHP+Layui-based integrated website management system that integrates content management and community interaction. LaySNS has an xss vulnerability that can be exploited by attackers to inject arbitrary Web script or HTML...

File Upload Vulnerability in GreenCMS

GreenCMS is a ThinkPHP-based content management system. A file upload vulnerability exists in GreenCMS, which can be exploited by attackers to upload arbitrary files...

Command Execution Vulnerability in ITKEE Backend Management System

ITKEE backend management system is an open source system using thinkphp5+layui development . ITKEE backend management system has a command execution vulnerability that can be exploited by attackers to gain control of the web server...

SQL Injection Vulnerability in efucms Website Building System

efucms is an easy-to-use content management system based on ThinkPHP. There is a SQL injection vulnerability in efucms website builder system, which can be exploited by attackers to obtain sensitive database information...

Arbitrary File Read Vulnerability in LFCMS Version 3.4.0

LFCMS is a film and television content management system developed in PHP and based on THINKPHP framework suitable for all kinds of video, film and television websites. LFCMS 3.4.0 version of the arbitrary file reading vulnerability, attackers can use the vulnerability to obtain the source code o...

SQL Injection Vulnerability in check_need_status, check_pay_sum Methods of WK+shop General Mall System

WK+shop is a mall system based on the technology of PHP+MySQL, developed using ThinkPHP5.0 framework, which combines the Witcott mission system with multiple mall systems. WK+shop general mall system checkneedstatus, checkpaysum method SQL injection vulnerability, attackers can construct a specif...