ShuipFCMS suffers from an arbitrary file write vulnerability (CNVD-2021-24708)

ShuipFCMS is a content management system based on ThinkPHP framework as the core and developed in an independent grouping approach. ShuipFCMS has an arbitrary file write vulnerability that can be exploited by attackers to gain server privileges...

XSS vulnerability in 115cms frontend (CNVD-2021-28389)

115CMS is developed using the current most popular ThinkPHP framework, which is an efficient and open source content management system. 115cms frontend has an XSS vulnerability that can be exploited by attackers to obtain user cookie information...

115CMS suffers from XSS vulnerability

115CMS is developed with ThinkPHP framework, which is an open source content management system. 115CMS suffers from an XSS vulnerability. An attacker can exploit the vulnerability to obtain an administrator cookie...

SQL Injection Vulnerability in LFCMS Backend

LFCMS is a film and television content management system developed in PHP and based on THINKPHP framework suitable for all kinds of video, film and television websites. LFCMS backend has SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive database information...

TP-COUPON suffers from SQL injection vulnerability (CNVD-2021-22941)

TP-COUPON is a free and open source coupon system developed using the Thinkphp framework. TP-COUPON suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

TP-COUPON suffers from SQL injection vulnerability (CNVD-2021-23515)

TP-COUPON is a free and open source coupon system developed using the Thinkphp framework. TP-COUPON suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

TP-COUPON suffers from SQL injection vulnerability (CNVD-2021-22937)

TP-COUPON is a free and open source coupon system developed using the Thinkphp framework. TP-COUPON suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

Command Execution Vulnerability in KiteCMS

KiteCMS open source web content management system CMS, the system is based on the framework ThinkPHP 5.1. version of the development, applicable to individuals and enterprises to quickly build a station and development needs. KiteCMS command execution vulnerability , an attacker can exploit the...

TP-COUPON suffers from SQL injection vulnerability (CNVD-2021-21531)

TP-COUPON is a free and open source coupon system developed using the Thinkphp framework. TP-COUPON suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

115CMS suffers from a file upload vulnerability (CNVD-2021-21532)

115CMS is developed with ThinkPHP framework, which is a content management system. A file upload vulnerability exists in 115CMS, which can be exploited by an attacker to gain control of the server...

SQL Injection Vulnerability in TP-COUPON

TP-COUPON is a free and open source coupon system developed using the Thinkphp framework. TP-COUPON suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

Command Execution Vulnerability in Wild Rain Novel Cms

Wild Rain Fiction CMS provides a lightweight fiction website solution based on ThinkPHP 5.1 MySQL. Raining Novels cms has a command execution vulnerability that can be exploited by attackers to gain server privileges...

TPScan

thinkphp rce sql tools...

Arbitrary File Read Vulnerability in SIYUCMS

SIYUCMS is a content management system based on ThinkPHP + AdminLTE. SIYUCMS suffers from an arbitrary file read vulnerability that can be exploited by an attacker to read arbitrary files...

Arbitrary File Deletion Vulnerability in RGCMS Backend

RGCMS is an open source building management system, written in PHP with a Thinkphp 5.1 framework. RGCMS backend exists arbitrary file deletion vulnerability. An attacker can use the vulnerability to delete sensitive files in the website...

fastadmin 跨站脚本漏洞

fastadmin is a web backend development framework based on ThinkPHP and Bootstrap. A cross-site scripting vulnerability exists in fastadmin V1.0.0.20200506beta, which stems from the lack of proper validation of client-side data in WEB applications. An attacker can obtain administrator credentials ...

CVE-2020-35339

In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server...

Command Execution Vulnerability in Tplay Backend

Tplay is a backend management framework based on ThinkPHP 5.0.13 + layui2.2.45 + Mysql development, PHP version required to upgrade to 5.5. A command execution vulnerability exists in Tplay backend. An attacker can exploit this vulnerability to gain server privileges...

XSS Vulnerability in ShuipFCMS

ShuipFCMS is a content management system based on ThinkPHP framework as the core and developed in an independent grouping approach. ShuipFCMS suffers from an XSS vulnerability. Attackers can use the vulnerability to obtain sensitive information such as user cookies...

Command execution vulnerability in the backend of the Guojiz international web site navigation system (CNVD-2021-12804)

Guojiz International Website Navigation System is developed with ThinkPHP5.0 PHP7.0 Mysql Apache/Nginx/iis, a CMS program suitable for small and medium-sized webmasters to build websites. Guojiz international web site navigation system back-end command execution vulnerability, an attacker can...