107 matches found
EUVD-2022-24419
Malicious code in bioql PyPI...
EUVD-2022-24422
Malicious code in bioql PyPI...
CVE-2022-1075
A vulnerability was found in College Website Management System 1.0 and classified as problematic. Affected by this issue is the file /cwms/classes/Master.php?f=savecontact of the component Contact Handler. The manipulation leads to persistent cross site scripting. The attack may be launched...
CVE-2022-1078
A vulnerability was found in SourceCodester College Website Management System 1.0. It has been classified as critical. Affected is the file /cwms/admin/?page=articles/viewarticle/. The manipulation of the argument id with the input ' and select fromselectsleep10Avx and 'abc' = 'abc with an unknow...
The vulnerability of the Netcat Extra website management system is related to the ability to forge inter-site requests, allowing attackers to circumvent existing security restrictions and enhance their privileges within the system.
The vulnerability of the Netcat Extra website management system is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and enhance their privileges within the system by sending specially crafted reques...
SQL Injection Vulnerability in DedeCMS of Shanghai Zhuozhuo Network Technology Company Limited (CNVD-2024-13237)
DedeCMS is the most well-known PHP open source website management system, but also the use of the most users of the PHP class CMS system. Shanghai Zhuozhuo Network Technology Co., Ltd. DedeCMS SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive informatio...
The vulnerability of the SEMCMS_Upfile.php script of the website management system used by SemCms’ foreign trade enterprises allows a hacker to execute arbitrary code.
The vulnerability of the SEMCMSUpfile.php script in the website management system used by SemCms foreign trade enterprises involves unlimited downloading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Shanghai Zhuozhuo Network Technology Co., Ltd. DedeCMS file containment vulnerability
DedeCMS is a PHP open source website management system. Shanghai Zhuozhuo Network Technology Co., Ltd DedeCMS file contains a vulnerability that can be exploited by attackers to execute commands...
phpwcms sql injection vulnerability
phpwcms is a website management system that follows the GNU open source protocol and utilizes PHP+MYSQL architecture for development. A SQL injection vulnerability exists in versions of Phpwcms before 1.9.26. An attacker can exploit this vulnerability to perform SQL injection and steal data, etc...
CVE-2022-1078
A vulnerability was found in SourceCodester College Website Management System 1.0. It has been classified as critical. Affected is the file /cwms/admin/?page=articles/viewarticle/. The manipulation of the argument id with the input ' and select fromselectsleep10Avx and 'abc' = 'abc with an unknow...
Cross site scripting
A vulnerability was found in College Website Management System 1.0 and classified as problematic. Affected by this issue is the file /cwms/classes/Master.php?f=savecontact of the component Contact Handler. The manipulation leads to persistent cross site scripting. The attack may be launched...
CVE-2022-1078 SourceCodester College Website Management System sql injection
A vulnerability was found in SourceCodester College Website Management System 1.0. It has been classified as critical. Affected is the file /cwms/admin/?page=articles/viewarticle/. The manipulation of the argument id with the input ' and select fromselectsleep10Avx and 'abc' = 'abc with an unknow...
CVE-2022-1078
CVE-2022-1078 affects SourceCodester College Website Management System 1.0. The vulnerability lies in the admin path /cwms/admin/?page=articles/view_article/ where the argument id can be manipulated to perform a SQL injection (input like ' and (select * from(select(sleep(10)))Avx) and 'abc' = 'ab...
CVE-2022-1078 SourceCodester College Website Management System sql injection
A vulnerability was found in SourceCodester College Website Management System 1.0. It has been classified as critical. Affected is the file /cwms/admin/?page=articles/viewarticle/. The manipulation of the argument id with the input ' and select fromselectsleep10Avx and 'abc' = 'abc with an unknow...
CVE-2022-1075 College Website Management System Contact cross site scripting
A vulnerability was found in College Website Management System 1.0 and classified as problematic. Affected by this issue is the file /cwms/classes/Master.php?f=savecontact of the component Contact Handler. The manipulation leads to persistent cross site scripting. The attack may be launched...
CVE-2022-1075
CVE-2022-1075 affects College Website Management System 1.0. The vulnerable code path is /cwms/classes/Master.php?f=save_contact in the Contact Handler, where input manipulation can result in persistent cross-site scripting. The issue may be exploitable remotely and requires authentication. No re...
College Website Management System 1.0 SQL Injection Vulnerability
Exploit Title: College Website Management System 1.0 - SQL Injection Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.html Version: 1.0 Tested on: Linux Title: ================ College Website...
College Website Management System 1.0 SQL Injection
Exploit Title: College Website Management System 1.0 - SQL Injection Date: 12/03/2022 Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.html Version: 1.0 Tested on: Linux Title: ================ Colleg...
ESPCMS suffers from a command execution vulnerability (CNVD-2021-51346)
ESPCMS is an enterprise building management system based on PHP+MYSQL. A command execution vulnerability exists in ESPCMS, which can be exploited by attackers to gain control of the server...
SQL Injection Vulnerability in ESPCMS Professional Edition
ESPCMS is a PHP MYSQL based enterprise building management system. ESPCMS Professional Edition suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...