Lucene search
+L

68 matches found

OSV
OSV
added 2018/07/17 2:29 a.m.10 views

CVE-2018-14331

An issue was discovered in XiaoCms X1 v20140305. There is a CSRF vulnerability to change the administrator account password via admin/index.php?c=index&a=my...

8.8CVSS7AI score
Exploits0References1
Cvelist
Cvelist
added 2018/07/17 2:0 a.m.17 views

CVE-2018-14331

An issue was discovered in XiaoCms X1 v20140305. There is a CSRF vulnerability to change the administrator account password via admin/index.php?c=index&a=my...

8.8AI score0.00523EPSS
Exploits1References1
CVE
CVE
added 2018/07/17 2:0 a.m.38 views

CVE-2018-14331

The CVE-2018-14331 issue affects XiaoCms X1 v20140305 and is a CSRF vulnerability that allows changing the administrator password via admin/index.php?c=index&a=my. Public records across sources confirm the affected software and the vulnerability class, with CVSS vectors indicating partial confide...

8.8CVSS8.7AI score0.00523EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/07/11 12:0 a.m.2 views

File upload vulnerability in XiaoCms Enterprise Website Edition (XiaoCms企业建站版)

Based on PHP+Mysql architecture, XiaoCms Enterprise Builder is a small, flexible, simple and easy-to-use lightweight cms. XiaoCms Enterprise Website Builder has a file upload vulnerability that can be exploited by attackers to upload malicious scripts to gain administrator privileges...

7.3AI score
Exploits0
CNVD
CNVD
added 2018/01/25 12:0 a.m.3 views

Arbitrary file deletion vulnerability in XiaoCms background template.php and database.php pages

Based on PHP+Mysql architecture, XiaoCms Enterprise Builder is a small, flexible, simple and easy-to-use lightweight cms. XIAOCMS background template.php and database.php page there are arbitrary file deletion vulnerability. Attackers can successfully delete files in the root directory by...

7.1AI score
Exploits0
CNVD
CNVD
added 2017/10/10 12:0 a.m.2 views

XiaoCMS admin\controller\login.php page has a logical design vulnerability

XiaoCms Enterprise Builder is a small, flexible, simple and easy-to-use lightweight cms based on PHP+Mysql architecture. XiaoCMS admin\controller\login.php page has a logical design vulnerability. The vulnerability is due to the CAPTCHA judgment and restriction of the login function, the attacker...

7AI score
Exploits0
CNVD
CNVD
added 2017/07/06 12:0 a.m.2 views

XIAOcms website builder system has file inclusion vulnerability

XiaoCms Enterprise Building Edition is based on PHP+Mysql architecture It is a small, flexible, simple and easy to use lightweight cms. A file inclusion vulnerability exists in the XIAOcms website builder system. An attacker can exploit this vulnerability to upload script files...

7AI score
Exploits0
CNVD
CNVD
added 2015/02/11 12:0 a.m.5 views

xiaoCMS Arbitrary File Upload Vulnerability

xiaoCMS is a PHP+MYSQL open source web application for publishing news, building corporate, personal portals. xiaoCMS has an arbitrary file upload vulnerability due to lax program filtering. Allowing an attacker to exploit the vulnerability can upload php type webshell, and then control the serve...

7.2AI score
Exploits0
Rows per page
Query Builder