Lucene search
K

4 matches found

CNNVD
CNNVD
added 2025/03/10 12:0 a.m.5 views

tianti 跨站请求伪造漏洞

tianti tianti is a JAVA lightweight CMS solution by jeffry personal developer. A security vulnerability exists in tianti v2.3. An attacker can perform arbitrary operations via specially crafted GET or POST requests...

8CVSS6.9AI score0.00205EPSS
Exploits1References2
CNVD
CNVD
added 2018/11/08 12:0 a.m.2 views

Ladder CMS Privilege Limit Bypass Vulnerability

Tianti tianti is a free lightweight CMS system written in Java , currently provides a total solution from the back-end management to the front-end display . A privilege limit bypass vulnerability exists in the skin management feature in tianti 2.3. The vulnerability stems from the fact that...

6.5CVSS6.6AI score0.0122EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/08 12:0 a.m.2 views

Cross-site Scripting Vulnerability in Tianti CMS (CNVD-2019-09099)

Ladder tianti is a free lightweight CMS system written in Java. A stored cross-site scripting vulnerability exists in the user list module in tianti 2.3, which can be exploited by an attacker via the tianti-module-admin/user/ajax/saverole name parameter to conduct a cross-site scripting attack...

5.4CVSS5.2AI score0.00667EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/08 12:0 a.m.2 views

Ladder CMS Privilege Limit Bypass Vulnerability (CNVD-2019-09102)

Tianti tianti is a free lightweight CMS system written in Java , currently provides a total solution from the back-end management to the front-end display . A privilege restriction bypass vulnerability exists in Tianti 2.3, which can be exploited by a remote authenticated user to bypass the...

8.8CVSS8.7AI score0.01771EPSS
Exploits1References1
Rows per page
Query Builder