12 matches found
CVE-2024-55452
A URL redirection vulnerability exists in UJCMS 9.6.3 due to improper validation of URLs in the upload and rendering of new block / carousel items. This vulnerability allows authenticated attackers to redirect unprivileged users to an arbitrary, attacker-controlled webpage. When an authenticated...
CVE-2025-25958
Cross Site Scripting vulnerabilities in phpcmsv9 v.9.6.3 allow a remote attacker to escalate privileges via a crafted script...
PT-2025-7590 · Phpcmsv9 · Phpcmsv9
Name of the Vulnerable Software and Affected Versions: phpcmsv9 version 9.6.3 Description: The issue allows a remote attacker to escalate privileges via the menu interface of the member center of the background administrator. This is a Cross-Site Scripting issue. Recommendations: For phpcmsv9...
PT-2025-7589 · Phpcmsv9 · Phpcmsv9
Name of the Vulnerable Software and Affected Versions: phpcmsv9 version 9.6.3 Description: Cross Site Scripting vulnerabilities in phpcmsv9 allow a remote attacker to escalate privileges via a crafted script. Recommendations: For phpcmsv9 version 9.6.3, update to a version that fixes the Cross Si...
CVE-2025-25958
This CVE (CVE-2025-25958) affects phpcmsv9 v9.6.3 and is a Cross Site Scripting vulnerability that allows a remote attacker to escalate privileges via a crafted script. The vulnerability is documented across multiple sources (NVD, Red Hat, CNNVD, CVE lists) with the root cause described as XSS in...
PT-2024-36520 · Ujcms · Ujcms
Name of the Vulnerable Software and Affected Versions: UJCMS version 9.6.3 Description: A URL redirection vulnerability exists in UJCMS due to improper validation of URLs in the upload and rendering of new block/carousel items. This issue allows authenticated attackers to redirect unprivileged...
UJCMS Security Vulnerability
UJCMS is a Java open source content management system from dromara open source. A security vulnerability exists in UJCMS version 9.6.3, which stems from improper URL authentication and a URL redirection vulnerability that allows an authenticated attacker to redirect an unprivileged user to an...
UJCMS Security Vulnerability
UJCMS is a Java open source content management system from dromara open source. A security vulnerability exists in UJCMS version 9.6.3 and earlier, which originates in the file /users/id and can lead to authorization bypass...
WordPress Plugin Salon booking system Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...
WordPress Plugin Salon booking system Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...
Telegram Security Vulnerability
Telegram is an instant messaging mobile application. A security vulnerability exists in Telegram version v9.6.3, which stems from a vulnerability that allows an attacker to hide critical information on the User Interface by calling the function SFSafariViewController...
PHPCMS Cross-Site Scripting Vulnerability
PHPCMS is a web content management system based on PHP and MySQL architecture. The system includes news, images, downloads, information, products and other modules. A cross-site scripting vulnerability exists in PHPCMS version V9.6.3, which stems from a lack of filtering and escaping for parameters on...