74CMS SQL Injection Vulnerability (CNVD-2021-43390)

74CMS is a recruitment system developed by Taiyuan Xunyi Technology Co., Ltd. based on ThinkPHP framework. A SQL injection vulnerability exists in 74CMS version 3.2.0. An attacker can use this vulnerability to inject SQL statements via the x parameter of ajaxofficebuilding.php...

74CMS SQL Injection Vulnerability (CNVD-2021-43391)

74CMS is a talent recruitment system based on the second development of ThinkPHP framework. A SQL injection vulnerability exists in 74CMS version 3.2.0. An attacker can use this vulnerability to inject SQL statements via the key parameter of plus/ajaxstreet.php...

迅易科技 74cms SQL注入漏洞

74CMS is a talent recruitment system based on the second development of ThinkPHP framework. A SQL injection vulnerability exists in 74CMS version 3.2.0. An attacker can use this vulnerability to inject SQL statements via the id parameter of wap/wap-company-show.php...

迅易科技 74cms SQL注入漏洞

74CMS is a talent recruitment system based on the second development of ThinkPHP framework. A SQL injection vulnerability exists in 74CMS version 3.2.0. An attacker can use this vulnerability to inject SQL statements via the key parameter of plus/ajaxstreet.php...

迅易科技 74cms SQL注入漏洞

74CMS is a recruitment system developed by Taiyuan Xunyi Technology Co., Ltd. based on ThinkPHP framework. A SQL injection vulnerability exists in 74CMS version 3.2.0. An attacker can use this vulnerability to inject SQL statements via the x parameter of ajaxofficebuilding.php...

Lvyecms has an arbitrary file read vulnerability

Lvyecms Brigade CMS is a php content management system based on ThinkPHP 3.2.x development. Lvyecms has an arbitrary file read vulnerability. An attacker can exploit the vulnerability to read server files...

EacooPHP has a file upload vulnerability

EacooPHP is a lightweight WEB product development framework based on ThinkPHP 5.0.21. EacooPHP suffers from a file upload vulnerability. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

Metarget - Framework Providing Automatic Constructions Of Vulnerable Infrastructures

1 Introduction Metarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and automatically. 1.1 Why Metarget? During security researches, we might find that the deployment of...

Command Execution Vulnerability in Wild Rain Novel cms (CNVD-2021-40730)

Wild Rain Fiction CMS provides a lightweight fiction website solution based on ThinkPHP 5.1 MySQL. Raining Novels cms has a command execution vulnerability that can be exploited by attackers to gain server privileges...

Arbitrary File Deletion Vulnerability in Wild Rain Novel cms (CNVD-2021-40731)

Wild Rain Fiction CMS provides a lightweight fiction website solution based on ThinkPHP 5.1 MySQL. Rain Novel cms arbitrary file deletion vulnerability , an attacker can use the vulnerability to delete arbitrary files...

ThinkPHP Exploit Actively Exploited in the Wild

...

ArticleCMS 代码问题漏洞

ArticleCMS is an application system. A multifaceted information website built on Bootstrap and ThinkPHP. A security vulnerability exists in ArticleCMS version 1.0. The vulnerability stems from a file upload vulnerability in the program, which could allow a remote malicious user to execute arbitra...

ArticleCMS 代码问题漏洞

ArticleCMS is an application system. A multifaceted information website built on Bootstrap and ThinkPHP. ArticleCMS has a file upload vulnerability. As there is no restriction on uploading files. An attacker can obtain a shell by uploading a file...

ThinkPHP has a file inclusion vulnerability

ThinkPHP is developed and maintained by the Shanghai Top Thinking company MVC structure of the open-source PHP framework. ThinkPHP has a file inclusion vulnerability that can be exploited by attackers to gain server control privileges...

Command Execution Vulnerability in ThinkPHP

ThinkPHP is developed and maintained by the Shanghai Top Thinking company MVC structure of the open-source PHP framework. ThinkPHP has a command execution vulnerability that can be exploited by attackers to gain server control privileges...

115CMS suffers from XSS vulnerability (CNVD-2021-32394)

115CMS is developed with ThinkPHP framework, which is an open source content management system. 115CMS suffers from an XSS vulnerability. An attacker can exploit the vulnerability to obtain an administrator cookie...

Rainy Novel cms has arbitrary file deletion vulnerability

Wild Rain Fiction cms hereinafter referred to as KYXSCMS provides a lightweight fiction website solution based on ThinkPHP 5.1+MySQL. KYXSCMS has an arbitrary file deletion vulnerability. An attacker can use the vulnerability to delete any file in the root directory...

TnCMS has a file upload vulnerability

TnCMS is a light content management system based on ThinkPHP6+layUI based development. TnCMS suffers from a file upload vulnerability that can be exploited by attackers to gain control of the server...

BeyongCMS suffers from file upload vulnerability (CNVD-2021-26005)

BeyongCMS is a content management system based on ThinkPHP 5.1 framework. A file upload vulnerability exists in BeyongCMS, which can be exploited by attackers to gain control of the server...

SIYUCMS suffers from an arbitrary file read vulnerability (CNVD-2021-26009)

SIYUCMS is a content management system based on ThinkPHP + AdminLTE. SIYUCMS suffers from an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...