SQL Injection Vulnerability in 115CMS Backend Ad***.php File

115CMS is a content management system developed on ThinkPHP framework. A SQL injection vulnerability exists in the Ad.php file in the 115CMS backend. An attacker can exploit the vulnerability to obtain sensitive database information...

File Upload Vulnerability in ShuipFCMS Content Management System

ShuipFCMS a content management system based on ThinkPHP framework as the core, using an independent grouping approach to development. ShuipFCMS has an arbitrary file upload vulnerability that can be exploited by an attacker to gain administrative privileges on the server...

MileagePHP open-source blog system with arbitrary directory recursive deletion vulnerability

MileagePHP open source blogging system using Thinkphp framework, with easy to read, easy to use and so on. MileagePHP open source blog system has an arbitrary directory recursive deletion vulnerability , an attacker can use the vulnerability for arbitrary directory recursive deletion...

SQL Injection Vulnerability in thinkphp

ThinkPHP was born to simplify enterprise-level application development and agile WEB application development. The earliest born in early 2006, 2007 New Year's Day was officially renamed ThinkPHP, and follow the Apache2 open source protocol release. thinkphp there is a SQL injection vulnerability ...

Arbitrary Directory Deletion Vulnerability in Mile High PHP Open Source Blog System (CNVD-2020-59461)

MileageMi is a ThinkPHP open source blogging system. MileageMi PHP open source blog system has an arbitrary directory deletion vulnerability that can be exploited by attackers to delete directory files...

SQL Injection Vulnerability in MileagePlus PHP Blog System

MileagePHP Blog System is an open source blog system based on ThinkPHP. MileagePHP Blog System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

Command Execution Vulnerability in the Backend of Guojiz International Web Site Navigation System

Guojiz International Website Navigation System is developed by ThinkPHP5.0+PHP7.0+Mysql+Apache/Nginx/iis, which is suitable for small and medium-sized webmasters to build a CMS program. Guojiz international web site navigation system backend command execution vulnerability, attackers can use the...

SQL Injection Vulnerability in Guojiz International Website Navigation System

Guojiz International Website Navigation System is developed by ThinkPHP5.0+PHP7.0+Mysql+Apache/Nginx/iis, which is suitable for small and medium-sized webmasters to build a CMS program. Guojiz International Website Navigation System has a SQL injection vulnerability, which can be exploited by...

Command execution vulnerability in FastAdmin backend (CNVD-2020-58827)

FastAdmin is an extremely fast backend development framework based on ThinkPHP and Bootstrap, and a permission management system based on Auth validation. FastAdmin backend has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

TPshop open source mall merchant management background Uploadify page file upload vulnerabilities exist

TPshop open source mall is developed with the latest version of ThinkPHP shop mall. TPshop open source mall merchant management background Uploadify page file upload vulnerability. Attackers can use this vulnerability to upload webshell, get server privileges...

TPshop open source mall management background Uploadify page file upload vulnerability

TPshop open source mall is developed with the latest version of ThinkPHP shop mall. TPshop open source mall management background Uploadify page file upload vulnerability. Attackers can use this vulnerability to upload webshell, get server privileges...

TPshop open source mall merchant management background Ueditor page file upload vulnerabilities exist

TPshop open source mall is developed with the latest version of ThinkPHP shop mall. TPshop open source mall merchant management backend file upload vulnerability. Attackers can use this vulnerability to upload webshell, get server privileges...

File Deletion Vulnerability in CLTPHP Open Source Edition

CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. CLTPHP open source version exists file deletion vulnerability. An attacker can exploit the vulnerability to delete arbitrary files , resulting in a program crash...

File upload vulnerability in lemocms Up***.php file

lemocms aka lemocms backend management system is a completely open source project based on the latest version of ThinkPHP6, layui+easywechat framework development, easy to extend the functionality, code maintenance, and convenient for the second development. lemocms Up.php file file upload...

Logic Flaw Vulnerability in LeShang Mall Open Source System (CNVD-2020-50729)

LeShangMall is a lightweight mall website management system, based on Thinkphp5+Mysql architecture, can run on Linux, Windows, MacOSX, Solaris and other platforms, the template is separated from the program, support for custom pseudo-static, the front template using DIV + CSS design can be orient...

SQL Injection Vulnerability in niushop_b2c Single Merchant E-commerce System

niushop b2c single merchant e-commerce system is a thinkphp5.0 MySQL development language development, completely open source mall system can be used for enterprises, individuals to establish their own online free mall. niushopb2c single merchant e-commerce system SQL injection vulnerability ,...

Arbitrary File Deletion Vulnerability in HisiPHP

HisiPHP is based on ThinkPHP5 + Layui development of a set of free WEB open source framework. HisiPHP has an arbitrary file deletion vulnerability. Attackers can use the vulnerability to delete lock files , resulting in system reinstallation...

Command Execution Vulnerability in the New X1.0 System of Guangzhou Qibo Network Technology Co.

Zibo's new X1.0 system is a website management system based on the latest thinkphp5 framework. Guangzhou Qibo Network Technology Co., Ltd Qibo new X1.0 system has a command execution vulnerability, which can be exploited by an attacker to gain control of the web server...

WTCMS suffers from a file upload vulnerability (CNVD-2020-47243)

WTCMS is a content management system CMS based on Thinkphp. WTCMS suffers from a file upload vulnerability that can be exploited by an attacker to gain control of the web server...

Guangzhou Qibo Network Technology Co., Ltd. Qibo's new X1.0 system is vulnerable to XSS.

Zibo's new X1.0 system is a website management system based on the latest thinkphp5 framework. Guangzhou Qibo Network Technology Co., Ltd Qibo New X1.0 System has an XSS vulnerability that can be exploited by attackers to obtain administrator cookies...