4 matches found
tianti 跨站请求伪造漏洞
tianti tianti is a JAVA lightweight CMS solution by jeffry personal developer. A security vulnerability exists in tianti v2.3. An attacker can perform arbitrary operations via specially crafted GET or POST requests...
Ladder CMS Privilege Limit Bypass Vulnerability
Tianti tianti is a free lightweight CMS system written in Java , currently provides a total solution from the back-end management to the front-end display . A privilege limit bypass vulnerability exists in the skin management feature in tianti 2.3. The vulnerability stems from the fact that...
Cross-site Scripting Vulnerability in Tianti CMS (CNVD-2019-09099)
Ladder tianti is a free lightweight CMS system written in Java. A stored cross-site scripting vulnerability exists in the user list module in tianti 2.3, which can be exploited by an attacker via the tianti-module-admin/user/ajax/saverole name parameter to conduct a cross-site scripting attack...
Ladder CMS Privilege Limit Bypass Vulnerability (CNVD-2019-09102)
Tianti tianti is a free lightweight CMS system written in Java , currently provides a total solution from the back-end management to the front-end display . A privilege restriction bypass vulnerability exists in Tianti 2.3, which can be exploited by a remote authenticated user to bypass the...