61 matches found
CVE-2018-12065
A Local File Inclusion vulnerability in /system/WCore/WHelper.php in Creatiwity wityCMS 0.6.2 allows remote attackers to include local PHP files execute PHP code or read non-PHP files by replacing a helper.json file...
EUVD-2018-4048
Malware in sbrugna...
EUVD-2018-8576
Malware in sbrugna...
EUVD-2018-8102
Malware in sbrugna...
EUVD-2018-8103
Malware in sbrugna...
EUVD-2018-3541
Malware in sbrugna...
EUVD-2018-5959
Malware in sbrugna...
EUVD-2022-34048
Malicious code in bioql PyPI...
CVE-2022-29725
An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2018-16250
The "utilisateur" menu in Creatiwity wityCMS 0.6.2 modifies the presence of XSS at two input points for user information, with the "first name" and "last name" parameters...
CVE-2018-16251
A "search for user discovery" injection issue exists in Creatiwity wityCMS 0.6.2 via the "Utilisateur" menu. No input parameters are filtered, e.g., the /admin/user/users Nickname, email, firstname, lastname, and groupe parameters...
CVE-2022-29725
An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-29725
An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to execute arbitrary code via a crafted PHP file...
Creatiwity wityCMS 代码问题漏洞
Creatiwity wityCMS is a lightweight PHP-based content management system CMS. A security vulnerability exists in Creatiwity wityCMS version 0.6.2, which stems from an arbitrary file upload vulnerability in the image upload component. The vulnerability can be exploited by an attacker to execute...
CVE-2022-29725
An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-29725
The CVE-2022-29725 entry concerns Creatiwity wityCMS 0.6.2, where an arbitrary file upload in the image upload component enables code execution via a crafted PHP file. Documents indicate this is exploitable over the network with low complexity and no user interaction, potentially causing high-imp...
SQL injection vulnerability in witycms (CNVD-2019-27268)
wityCMS is a lightweight PHP-based model-view-controller-oriented content management system CMS A SQL injection vulnerability exists in witycms, which can be exploited by attackers to obtain sensitive database information...
Creatiwity wityCMS cross-site scripting vulnerability (CNVD-2019-19292)
Creatiwity wityCMS is a lightweight PHP-based content management system CMS. A cross-site scripting vulnerability exists in the utilisateur menu in Creatiwity wityCMS version 0.6.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker ca...
Creatiwity wityCMS SQL Injection Vulnerability
Creatiwity wityCMS is a lightweight PHP-based content management system CMS. A SQL injection vulnerability exists in Creatiwity wityCMS version 0.6.2. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit thi...
CVE-2018-16250
The "utilisateur" menu in Creatiwity wityCMS 0.6.2 modifies the presence of XSS at two input points for user information, with the "first name" and "last name" parameters...