11 matches found
EUVD-2023-23625
Malicious code in bioql PyPI...
CVE-2023-1368
A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component POST Parameter Handler. The manipulation of the argument user leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2023-1368
A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component POST Parameter Handler. The manipulation of the argument user leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2023-1368
A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component POST Parameter Handler. The manipulation of the argument user leads to sql injection. The attack can be initiated remotely. The exploit has been...
Sql injection
A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component POST Parameter Handler. The manipulation of the argument user leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2023-1368 XHCMS POST Parameter login.php sql injection
A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component POST Parameter Handler. The manipulation of the argument user leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2023-1368
CVE-2023-1368 concerns XHCMS 1.0, specifically the POST Parameter Handler’s login.php. The vulnerability arises from unknown code in login.php where manipulating the POST parameter user enables SQL injection. Exploitation can be performed remotely, and multiple sources describe the issue as criti...
CVE-2023-1368 XHCMS POST Parameter login.php sql injection
A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component POST Parameter Handler. The manipulation of the argument user leads to sql injection. The attack can be initiated remotely. The exploit has been...
XHCMS SQL注入漏洞
XHCMS is a general-purpose CMS system developed by huzizhaz. A SQL injection vulnerability exists in XHCMS version 1.0, which originates from the presence of unknown code in the file login.php in the component POST Parameter Handler, which leads to sql injection via the parameter user...
PT-2023-16935 · Xhcms · Xhcms
Name of the Vulnerable Software and Affected Versions: XHCMS version 1.0 Description: A critical issue has been found in the POST Parameter Handler component of the login.php file, where the manipulation of the user argument leads to SQL injection. This issue can be initiated remotely...
File upload vulnerability in XHCMS backend (CNVD-2021-34276)
XHCMS is a general-purpose cms system generated based on xhadmin, which supports full-site staticization. A file upload vulnerability exists in the background of XHCMS. Attackers can use this vulnerability to obtain server control privileges...