EUVD-2020-10875

Malware in sbrugna...

EUVD-2022-24419

Malicious code in bioql PyPI...

EUVD-2022-24422

Malicious code in bioql PyPI...

PT-2025-34563 · Unknown · Dcn Dcme-720

Name of the Vulnerable Software and Affected Versions: DCN DCME-720 version 9.1.5.11 Description: A vulnerability exists in DCN DCME-720 version 9.1.5.11 related to OS command injection. The issue is located in the Web Management Backend component, specifically within the file...

Vulnerability of the iblock module in the 1C-Bitrix website management system: Website management that allows attackers to gain unauthorized access to protected information

Vulnerability of the iblock module in the Content Management System CMS of 1C-Bitrix: Website management is associated with errors in processing the relative path to the catalog. Exploiting this vulnerability can allow unauthorized users to gain unauthorized access to protected information...

Vulnerability of the iblock module in the 1C-Bitrix website management system: Website management that allows attackers to gain unauthorized access to protected information

Vulnerability of the iblock module in the Content Management System CMS of 1C-Bitrix: Website management is associated with errors in processing the relative path to the catalog. Exploiting this vulnerability can allow unauthorized users to gain unauthorized access to protected information...

CVE-2022-1075

A vulnerability was found in College Website Management System 1.0 and classified as problematic. Affected by this issue is the file /cwms/classes/Master.php?f=savecontact of the component Contact Handler. The manipulation leads to persistent cross site scripting. The attack may be launched...

CVE-2021-20810

Cross-site scripting vulnerability in Website Management screen of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable Type Premium 1.44 and...

CVE-2022-1078

A vulnerability was found in SourceCodester College Website Management System 1.0. It has been classified as critical. Affected is the file /cwms/admin/?page=articles/viewarticle/. The manipulation of the argument id with the input ' and select fromselectsleep10Avx and 'abc' = 'abc with an unknow...

CVE-2025-23756

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ivanchernyakov LawPress – Law Firm Website Management lawpress allows Reflected XSS.This issue affects LawPress – Law Firm Website Management: from n/a through = 1.4.5...

The vulnerability of the Netcat Extra website management system is related to the ability to forge inter-site requests, allowing attackers to circumvent existing security restrictions and enhance their privileges within the system.

The vulnerability of the Netcat Extra website management system is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and enhance their privileges within the system by sending specially crafted reques...

SQL Injection Vulnerability in DedeCMS of Shanghai Zhuozhuo Network Technology Company Limited (CNVD-2024-13237)

DedeCMS is the most well-known PHP open source website management system, but also the use of the most users of the PHP class CMS system. Shanghai Zhuozhuo Network Technology Co., Ltd. DedeCMS SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive informatio...

The vulnerability of the SEMCMS_Upfile.php script of the website management system used by SemCms’ foreign trade enterprises allows a hacker to execute arbitrary code.

The vulnerability of the SEMCMSUpfile.php script in the website management system used by SemCms foreign trade enterprises involves unlimited downloading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

DedeBIZ Cross-Site Scripting Vulnerability

DedeBIZ is a content management system from China Muyun Intelligent Technology DedeBIZ company. A security vulnerability exists in DedeBIZ v6.2.11, which stems from a stored cross-site scripting XSS vulnerability in the Website column management feature...

Vulnerability of the CMS system: 1C-Bitrix – Website management related to authentication procedures’ flaws, allowing attackers to access confidential information and perform operations with privileged access rights of compromised accounts.

Vulnerability of the CMS system: 1C-Bitrix. Website management is associated with deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information and perform operations under the privileges of a compromised account...

PT-2023-25945 · Atarim · Atarim Plugin +1

Name of the Vulnerable Software and Affected Versions: Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin versions = 3.9.3 Description: The issue is related to an Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with...

Shanghai Zhuozhuo Network Technology Co., Ltd. DedeCMS file containment vulnerability

DedeCMS is a PHP open source website management system. Shanghai Zhuozhuo Network Technology Co., Ltd DedeCMS file contains a vulnerability that can be exploited by attackers to execute commands...

Shanghai Zhuozhuo Network Technology Co., Ltd. DedeCMS file containment vulnerability

DedeCMS is a PHP open source website management system. Shanghai Zhuozhuo Network Technology Co., Ltd DedeCMS file contains a vulnerability that can be exploited by attackers to execute commands...

phpwcms sql injection vulnerability

phpwcms is a website management system that follows the GNU open source protocol and utilizes PHP+MYSQL architecture for development. A SQL injection vulnerability exists in versions of Phpwcms before 1.9.26. An attacker can exploit this vulnerability to perform SQL injection and steal data, etc...

The Cybersecurity CIA Triad: What You Need to Know as a WordPress Site Owner

One of the core concepts of cybersecurity is known as the CIA Triad. There are three pillars to the triad, with each pillar being designed to address an aspect of securing data. These three pillars are Confidentiality, Integrity, and Availability. The Confidentiality pillar is intended to prevent...