191 matches found
CVE-2025-3799
A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-3798
A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...
CVE-2025-3800
A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the argument mobilephone leads to sql injection. The attack can be launched remotely. The explo...
CVE-2025-3800
A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the argument mobilephone leads to sql injection. The attack can be launched remotely. The explo...
CVE-2025-3800 WCMS AnonymousController.php sql injection
A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the argument mobilephone leads to sql injection. The attack can be launched remotely. The explo...
CVE-2025-3800 WCMS AnonymousController.php sql injection
A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the argument mobilephone leads to sql injection. The attack can be launched remotely. The explo...
CVE-2025-3800
CVE-2025-3800 affects WCMS 11, with a SQL injection vulnerability in an unknown functionality of file app/controllers/AnonymousController.php, triggered by manipulating the mobile_phone argument. Attack is remote; exploit has been disclosed publicly. Connected documents corroborate the issue and ...
CVE-2025-3799
A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-3799
A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-3799
CVE-2025-3799 affects WCMS 11, specifically an unknown function in file app/controllers/AnonymousController.php . The vulnerability is a SQL injection triggered by modifying the parameters email/username , exploitable remotely. Public disclosure and multiple CVE feeds corroborate remote attack po...
CVE-2025-3799 WCMS AnonymousController.php sql injection
A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-3799 WCMS AnonymousController.php sql injection
A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-3798
A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...
CVE-2025-3798
A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...
CVE-2025-3798 WCMS Advertisement Image AdvadminController.php sub unrestricted upload
A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...
CVE-2025-3798
CVE-2025-3798 affects WCMS 11, specifically the Advertisement Image Handler: the vulnerable sub function in app/admin/AdvadminController.php can lead to unrestricted uploads. This is described across multiple sources (e.g., PT-2025-17374, Red Hat/CVE entries) and is exploitable remotely. Affected...
CVE-2025-3798 WCMS Advertisement Image AdvadminController.php sub unrestricted upload
A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The...
PT-2025-17375 · Wcms · Wcms
Name of the Vulnerable Software and Affected Versions: WCMS version 11 Description: A critical vulnerability was found in WCMS 11, affecting an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the email/username argument leads to SQL injection. It is...
PT-2025-17376 · Wcms · Wcms
Name of the Vulnerable Software and Affected Versions: WCMS version 11 Description: A critical vulnerability has been found in WCMS 11, affecting an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the mobile phone argument leads to SQL injection. The...
PT-2025-17374 · Wcms · Wcms
Name of the Vulnerable Software and Affected Versions: WCMS version 11 Description: A critical issue has been found in the Advertisement Image Handler component, affecting the sub function of the file app/admin/AdvadminController.php. This issue leads to unrestricted upload and can be initiated...