CVE-2024-31011

Arbitrary file write vulnerability in beescms v.4.0, allows a remote attacker to execute arbitrary code via a file path that was not isolated and the suffix was not verified in admintemplate.php...

CVE-2024-31011

CVE-2024-31011 affects beescms v4.0, where an Arbitrary file write vulnerability exists in admin_template.php due to a file path that was not isolated and an unverified suffix. This allows a remote attacker to write arbitrary files and, as described, execute arbitrary code. The impact is consiste...

CVE-2024-31011

Arbitrary file write vulnerability in beescms v.4.0, allows a remote attacker to execute arbitrary code via a file path that was not isolated and the suffix was not verified in admintemplate.php...

CVE-2023-39067

Cross Site Scripting vulnerability in ZLMediaKiet v.4.0 and v.5.0 allows an attacker to execute arbitrary code via a crafted script to the URL...

Sql injection

SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via sql parameter of the the SysSiteAdminControl...

CVE-2020-20914

CVE-2020-20914 affects San Luan PublicCMS v4.0. The issue is a SQL Injection via the sql parameter that can lead to remote code execution. Documents show a high-impact, CRITICAL vulnerability (CVSS 3.1: 9.8) with network attack vector and no user interaction required. Exploitation details or live...

CVE-2021-35388

Hospital Management System v 4.0 is vulnerable to Cross Site Scripting XSS via /hospital/hms/admin/patient-search.php...

Member Management System v 4.0 XSS vuln.

Vuln. discovered by : r0t Date: 09 September 2010 vendor:http://www.expinion.net/Applications/MMSoverview.asp orginal advisory:http://pridels-team.blogspot.com/2010/09/member-management-system-v-40-xss-vuln.html affected versions:v 4.0 and other versions also can be affected. Member Management...