FunAdmin 访问控制错误漏洞

FunAdmin is an open-source backend development system developed using ThinkPHP6 and Layui. Versions of FunAdmin 7.1.0-rc6 and earlier contain an access control vulnerability. This vulnerability stems from the UploadService::chunkUpload function in the Frontend Chunked Upload Endpoint, where the...

FunAdmin 授权问题漏洞

FunAdmin is an open-source backend development system developed using ThinkPHP6 and Layui. Versions of FunAdmin 7.1.0-rc4 and earlier have authorization-related vulnerabilities. These vulnerabilities stem from incorrect operations on the setConfig function in the component Configuration Handler...

HuoCMS 安全漏洞

Suq HuoCMS is a modern content management system based on ThinkPHP6 and Vue3 developed by Nanjing Digital Flag Technology Suq Company in China. A security vulnerability exists in HuoCMS 3.5.1 and earlier versions, which stems from a file upload feature that could lead to server compromise...

FunAdmin 安全漏洞

FunAdmin is FunAdmin open source a lightweight and high-color backend development system based on ThinkPHP6+Layui development. A security vulnerability exists in FunAdmin version 5.0.2, which originates from an SQL injection vulnerability in /curd/table/list...

FunAdmin 安全漏洞

FunAdmin is FunAdmin open source a lightweight and high-color backend development system based on ThinkPHP6+Layui development. A security vulnerability exists in FunAdmin version 5.0.2, which stems from the selectfiles method in ackendcontrollersysAttachh.php directly depositing incoming paramete...

Gougucms Cross-Site Scripting Vulnerability

gougucms is a Chinese hook open source open source set based on ThinkPHP6 + Layui + MySql to build a lightweight general-purpose back-office management framework. gougucms v4.08.18 version of the existence of cross-site scripting vulnerability , the vulnerability stems from the application of the...

gougucms 跨站脚本漏洞

gougucms is a Chinese hook open source open source set based on ThinkPHP6 + Layui + MySql to build a lightweight general-purpose back-office management framework. gougucms v4.08.18 version of the existence of cross-site scripting vulnerability , the vulnerability stems from the application of the...

FunAdmin 代码问题漏洞

FunAdmin is FunAdmin open source a lightweight and high quality backend development system based on ThinkPHP6 + Layui development . FunAdmin version 3.3.2 and 3.3.3 version of a security vulnerability , the vulnerability stems from allowing the installation of plug-ins through the upload of...

Funadmin SQL注入漏洞

FunAdmin is FunAdmin open source based on ThinkPHP6 + Layui development of a lightweight high-profile back-end development system . Funadmin v3.2.0 version has a security vulnerability , the vulnerability stems from the selectFields parameter through controllerauthAuth.php found to contain SQL...

FunAdmin SQL注入漏洞

FunAdmin is FunAdmin open source development based on ThinkPHP6+Layui a lightweight high-profile back-end development system . FunAdmin version 3.2.0 there is a security vulnerability , the vulnerability stems from the /databases/database/list through the id parameter found to contain SQL injecti...

FunAdmin SQL注入漏洞

FunAdmin is FunAdmin open source based on ThinkPHP6+Layui development of a lightweight high-profile back-end development system . FunAdmin v3.2.0 version there is a security vulnerability , the vulnerability stems from the existence of SQL injection via the /databases/database/edit id parameter...

Funadmin 安全漏洞

FunAdmin is FunAdmin open source a lightweight and high quality backend development system based on ThinkPHP6 + Layui development . Funadmin v3.2.0 version has a security vulnerability , the vulnerability stems from through the component controllerAddon.php found to contain remote code execution...

Pear Admin Think Cross-Site Scripting Vulnerability

Pear Admin Think is a rapid development platform based on thinkphp6 that allows you to quickly build your functional business with simple code generation functionality. pear Admin Think 5.0.6 and prior versions contain a cross-site scripting vulnerability that stems from the program's lack of dat...

XSS Vulnerability in NiiuShop Single Merchant V4 System

NiiuShop single merchant V4 system is a framework using the new thinkphp6 + event development design + layui + uniapp for the design of open source merchant system. NiiuShop Single Merchant V4 system has an XSS vulnerability that can be exploited by attackers to obtain user cookie information...