CVE-2025-63551

A Server-Side Request Forgery SSRF vulnerability, achievable through an XML External Entity XXE injection, exists in MetInfo Content Management System CMS thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the...

CVE-2025-63551

A Server-Side Request Forgery SSRF vulnerability, achievable through an XML External Entity XXE injection, exists in MetInfo Content Management System CMS thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the...

CVE-2024-42678

Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component...

CVE-2024-42678

Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component...

Super easy enterprise management system 安全漏洞

Super easy enterprise management system is a set of comprehensive enterprise management software from Guangzhou Super easy Information Technology Co., Ltd. in China, which is designed to help enterprises improve their operational efficiency and management level. A security vulnerability exists in...

CVE-2024-42678

Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component...

CVE-2024-42678

CVE-2024-42678 affects the product “Super easy enterprise management system” (versions 1.0.0 and earlier). The vulnerability is a Cross Site Scripting (XSS) flaw that enables a local attacker to execute arbitrary code by delivering a crafted script to the vulnerable component at “/WebSet/DlgGridS...

CVE-2024-42678

Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component...

CVE-2020-18414

Stored cross site scripting XSS vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset...

CVE-2020-18414

Stored cross site scripting XSS vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset...

Chaojicms 跨站脚本漏洞

Chaojicms is a super Cms web management system. A security vulnerability exists in Chaojicms v2.18. An attacker can exploit the vulnerability to execute arbitrary code via /index.php?admin-master-webset...

PT-2023-11500 · Unknown · Chaoji Cms

Name of the Vulnerable Software and Affected Versions: Chaoji CMS version 2.18 Description: A stored cross site scripting XSS issue allows attackers to execute arbitrary code via the "/index.php?admin-master-webset" API endpoint. This enables attackers to inject malicious scripts into the...

(0Day) WECON LeviStudioU WebSet WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of t...

(0Day) Wecon LeviStudioU aetlog WebSet WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...