2 matches found
XiaoCms X1 Cross-Site Request Forgery Vulnerability
XiaoCms X1 is a lightweight content management system CMS based on PHP and MySQL and capable of running on Linux, Windows and other platforms. A cross-site request forgery vulnerability exists in XiaoCms X1 version 20140305. A remote attacker can use this vulnerability to change the password of t...
SQL Injection Vulnerability in XiaoCMS Backend Database.php Page
Based on PHP+Mysql architecture, XiaoCms Enterprise Builder is a small, flexible, simple and easy-to-use lightweight cms. A SQL injection vulnerability exists in the database.php page of XiaoCMS backend. An attacker can exploit this vulnerability to obtain sensitive information from the database...