146 matches found
EUVD-2004-2202
Malware in sbrugna...
EUVD-2020-27422
Malware in sbrugna...
EUVD-2006-2960
Malware in sbrugna...
EUVD-2009-3103
Malware in sbrugna...
EUVD-2009-2375
Malware in sbrugna...
EUVD-2008-3017
Malware in sbrugna...
EUVD-2023-53097
Malicious code in bioql PyPI...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
CVE-2020-6272
SAP Commerce Cloud versions - 1808, 1811, 1905, 2005, does not sufficiently encode user inputs, which allows an authenticated and authorized content manager to inject malicious script into several web CMS components. These can be saved and later triggered, if an affected web page is visited,...
CVE-2004-2210
Multiple cross-site scripting XSS vulnerabilities in Express-Web Content Management System CMS allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the 1 n, 2 b, 3 e, or 4 a parameters to default.asp, 5 the Referer header in an HTTP reque...
CVE-2009-3120
Cross-site scripting XSS vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details are obtained from third party information...
CVE-2023-38499
TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters id and L allowed out-of-scope access to rendered content in the website...
CVE-2023-38499 typo3/cms-core Information Disclosure due to Out-of-scope Site Resolution
TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters id and L allowed out-of-scope access to rendered content in the website...
Doufox 安全漏洞
Doufox is a Chinese Crogram Doufox open source PHP and MySQL based on a powerful CMS website builder . Doufox v0.0.4 version of a security vulnerability , the vulnerability stems from allowing an attacker to execute arbitrary code through a well-designed PHP file...
CVE-2022-36108
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the f:asset.css view helper is vulnerable to cross-site scripting when user input is passed as variables to the CSS. Update to TYPO3 version 10.4.32 or 11.5.16 that fix the...
Design/Logic Flaw
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as an error message from another page. This leads t...
RiteCMS arbitrary file overwrite vulnerability
RiteCMS is a web CMS. An arbitrary file overwrite vulnerability exists in RiteCMS versions 3.1.0 and below, which stems from the failure of a web system or product to properly filter special elements in a resource or file path, and can be exploited by an authenticated attacker to overwrite any fi...
Elite Graphix Elite Cms SQL注入漏洞
Elite Graphix Elite Cms is a Web Content Management written in Php language by Elite Graphix India. A platform for storing and organizing information and documents. Elite Graphix Elite Cms suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL...
EyouCms 跨站脚本漏洞
Zanzan Network Technology EyouCms EyouCms is a ThinkPHP-based open source content management system CMS from Zanzan Network Technology in China.Eyoucms 1.4.7 and previous versions have a cross-site scripting vulnerability, which stems from the fact that the addonfieldext parameter is not validate...
ARTWARE CMS Arbitrary File Upload Vulnerability
ARTWARE CMS is an application. A web CMS. ARTWARE CMS suffers from an arbitrary file upload vulnerability, which stems from the fact that the parameters of the ARTWARE CMS image upload feature do not filter the type of files uploaded, and can be exploited by attackers to upload arbitrary files an...