13 matches found

NVD
added 2018/04/08 2:29 a.m. | 17 views

CVE-2018-9850

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\DataAction.class.php allows remote attackers to delete any file via directory traversal sequences in the id parameter of an Admin-Data-del request...

CVSS 7.5 | AI score 7.5 | EPSS 0.00425
Exploits 1 | References 1
OSV
added 2018/04/08 2:29 a.m. | 2 views

CVE-2018-9852

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated by sid=user,password%20from%20mysql.user%23...

CVSS 9.8 | AI score 5.8 | EPSS 0.00437
Exploits 1 | References 1
Prion
added 2018/04/08 2:29 a.m. | 9 views

Design/Logic Flaw

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to read any file via a modified pathname in an Admin-Tpl request, as demonstrated by use of '|' instead of '/' as a directory separator, in conjunction with a ".." sequence...

CVSS 5 | AI score 7.4 | EPSS 0.00374
Exploits 1 | References 1 | Affected Software 1
NVD
added 2018/04/08 2:29 a.m. | 16 views

CVE-2018-9851

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to read any file via a modified pathname in an Admin-Tpl request, as demonstrated by use of '|' instead of '/' as a directory separator, in conjunction with a ".." sequence...

CVSS 7.5 | AI score 7.4 | EPSS 0.00374
Exploits 1 | References 1
CVE
added 2018/04/08 2:00 a.m. | 49 views

CVE-2018-9852

In Gxlcms QY v1.0.0713, the vulnerable component is Lib\Lib\Action\Home\HitsAction.class.php. The issue allows remote attackers to read data from the database by injecting a FROM clause into the query string of a Home-Hits request (e.g., sid=user,password%20from%20mysql.user%23). This appears as ...

CVSS 9.8 | AI score 9.1 | EPSS 0.00437
Exploits 1 | References 1 | Affected Software 1
Cvelist
added 2018/04/08 2:00 a.m. | 17 views

CVE-2018-9852

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated by sid=user,password%20from%20mysql.user%23...

AI score 9.3 | EPSS 0.00437
Exploits 1 | References 1
Cvelist
added 2018/04/08 2:00 a.m. | 17 views

CVE-2018-9851

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to read any file via a modified pathname in an Admin-Tpl request, as demonstrated by use of '|' instead of '/' as a directory separator, in conjunction with a ".." sequence...

AI score 7.5 | EPSS 0.00374
Exploits 1 | References 1
NVD
added 2018/04/07 9:29 p.m. | 17 views

CVE-2018-9848

In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the configuploadclass value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an...

CVSS 9.8 | AI score 9.9 | EPSS 0.00944
Exploits 1 | References 1
NVD
added 2018/04/07 9:29 p.m. | 12 views

CVE-2018-9847

In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template...

CVSS 9.8 | AI score 9.7 | EPSS 0.00944
Exploits 1 | References 1
Cvelist
added 2018/04/07 9:00 p.m. | 15 views

CVE-2018-9847

In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template...

AI score 9.8 | EPSS 0.00944
Exploits 1 | References 1
CVE
added 2018/04/07 9:00 p.m. | 43 views

CVE-2018-9847

Gxlcms QY v1.0.0713 contains an arbitrary PHP code execution vulnerability in the update function (Lib\Lib\Action\Admin\TplAction.class.php). An attacker can place code into a template to achieve remote code execution with network access. Public references in CNVD and NVD corroborate the issue; CV...

CVSS 9.8 | AI score 9.6 | EPSS 0.00944
Exploits 1 | References 1 | Affected Software 1
Cvelist
added 2018/04/07 9:00 p.m. | 16 views

CVE-2018-9848

In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the configuploadclass value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an...

AI score 9.9 | EPSS 0.00944
Exploits 1 | References 1
Cvelist
added 2018/04/04 12:00 a.m. | 17 views

CVE-2018-9247

The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter. Consequently, an attacker can execute arbitrary PHP code by placing it after a ?php substring, and then using INTO OUTFILE wit...

AI score 9.9 | EPSS 0.00944
Exploits 1 | References 1