Lucene search
K

191 matches found

RedhatCVE
RedhatCVE
added 2025/04/26 12:58 a.m.11 views

CVE-2025-3799

A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS7.4AI score0.00428EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/26 12:20 a.m.15 views

CVE-2025-3798

A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...

7.2CVSS7AI score0.00381EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/26 12:19 a.m.15 views

CVE-2025-3800

A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the argument mobilephone leads to sql injection. The attack can be launched remotely. The explo...

9.8CVSS7.4AI score0.00534EPSS
Exploits1References1
NVD
NVD
added 2025/04/19 12:15 p.m.33 views

CVE-2025-3800

A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the argument mobilephone leads to sql injection. The attack can be launched remotely. The explo...

9.8CVSS0.00534EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/04/19 11:31 a.m.13 views

CVE-2025-3800 WCMS AnonymousController.php sql injection

A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the argument mobilephone leads to sql injection. The attack can be launched remotely. The explo...

7.5CVSS7.5AI score0.00534EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/19 11:31 a.m.61 views

CVE-2025-3800 WCMS AnonymousController.php sql injection

A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the argument mobilephone leads to sql injection. The attack can be launched remotely. The explo...

7.5CVSS0.00534EPSS
Exploits1References4
CVE
CVE
added 2025/04/19 11:31 a.m.73 views

CVE-2025-3800

CVE-2025-3800 affects WCMS 11, with a SQL injection vulnerability in an unknown functionality of file app/controllers/AnonymousController.php, triggered by manipulating the mobile_phone argument. Attack is remote; exploit has been disclosed publicly. Connected documents corroborate the issue and ...

9.8CVSS7.5AI score0.00534EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/04/19 11:15 a.m.7 views

CVE-2025-3799

A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.7AI score0.00428EPSS
Exploits1References4
NVD
NVD
added 2025/04/19 11:15 a.m.37 views

CVE-2025-3799

A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS0.00428EPSS
Exploits1References4
CVE
CVE
added 2025/04/19 10:31 a.m.77 views

CVE-2025-3799

CVE-2025-3799 affects WCMS 11, specifically an unknown function in file app/controllers/AnonymousController.php . The vulnerability is a SQL injection triggered by modifying the parameters email/username , exploitable remotely. Public disclosure and multiple CVE feeds corroborate remote attack po...

9.8CVSS7.5AI score0.00428EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/19 10:31 a.m.9 views

CVE-2025-3799 WCMS AnonymousController.php sql injection

A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS7.5AI score0.00428EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/19 10:31 a.m.36 views

CVE-2025-3799 WCMS AnonymousController.php sql injection

A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS0.00428EPSS
Exploits1References4
NVD
NVD
added 2025/04/19 10:15 a.m.40 views

CVE-2025-3798

A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...

7.2CVSS0.00381EPSS
Exploits1References4
OSV
OSV
added 2025/04/19 10:15 a.m.8 views

CVE-2025-3798

A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...

7.2CVSS5.3AI score0.00381EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/04/19 10:0 a.m.8 views

CVE-2025-3798 WCMS Advertisement Image AdvadminController.php sub unrestricted upload

A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...

5.8CVSS4.8AI score0.00381EPSS
Exploits1References4
CVE
CVE
added 2025/04/19 10:0 a.m.63 views

CVE-2025-3798

CVE-2025-3798 affects WCMS 11, specifically the Advertisement Image Handler: the vulnerable sub function in app/admin/AdvadminController.php can lead to unrestricted uploads. This is described across multiple sources (e.g., PT-2025-17374, Red Hat/CVE entries) and is exploitable remotely. Affected...

7.2CVSS5AI score0.00381EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/04/19 10:0 a.m.33 views

CVE-2025-3798 WCMS Advertisement Image AdvadminController.php sub unrestricted upload

A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...

5.8CVSS0.00381EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/04/19 12:0 a.m.8 views

PT-2025-17375 · Wcms · Wcms

Name of the Vulnerable Software and Affected Versions: WCMS version 11 Description: A critical vulnerability was found in WCMS 11, affecting an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the email/username argument leads to SQL injection. It is...

9.8CVSS7.5AI score0.00428EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2025/04/19 12:0 a.m.5 views

PT-2025-17376 · Wcms · Wcms

Name of the Vulnerable Software and Affected Versions: WCMS version 11 Description: A critical vulnerability has been found in WCMS 11, affecting an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the mobile phone argument leads to SQL injection. The...

9.8CVSS7.5AI score0.00534EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2025/04/19 12:0 a.m.8 views

PT-2025-17374 · Wcms · Wcms

Name of the Vulnerable Software and Affected Versions: WCMS version 11 Description: A critical issue has been found in the Advertisement Image Handler component, affecting the sub function of the file app/admin/AdvadminController.php. This issue leads to unrestricted upload and can be initiated...

7.2CVSS4.7AI score0.00381EPSS
Exploits1References11
Rows per page
Query Builder