60 matches found
CVE-2025-14004
A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. Affected is an unknown function of the file /admind45f74adbd95.php?c=email=add of the component Email Setting Handler. Performing a manipulation results in server-side request forgery. Remote exploitation of the attack is...
CVE-2025-14008
A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerability affects unknown code of the file admin79f2ec220c7e.php?c=api&m=testsitedomain of the component Project Domain Change Test. This manipulation of the argument v causes server-side request forgery. It is possible to initiate t...
EUVD-2023-23910
Malicious code in bioql PyPI...
EUVD-2023-23909
Malicious code in bioql PyPI...
EUVD-2023-23908
Malicious code in bioql PyPI...
EUVD-2023-23911
Malicious code in bioql PyPI...
CVE-2023-1681
A vulnerability, which was classified as problematic, was found in Xunrui CMS 4.61. Affected is an unknown function of the file /config/myfield/test.php. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...
CVE-2023-1680
A vulnerability, which was classified as problematic, has been found in Xunrui CMS 4.61. This issue affects some unknown processing of the file /dayrui/My/View/main.html. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2023-1682
A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dayrui/My/Config/Install.txt. The manipulation leads to direct request. The attack can be launched remotely. The exploit has been disclosed to t...
CVE-2023-1683
A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/systemlog.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to t...
CVE-2023-43962
Cross Site Scripting vulnerability in Xunrui CMS Public Edition v.4.6.1 allows a remote attacker to execute arbitrary code via the project name function in the project settings tab...
SQL Injection Vulnerability in Xunrui CMS of Sichuan Xunrui Cloud Software Development Co.
Swift CMS is a content management framework based on CodeIgniter4, which is mainly used for website construction and content management. Sichuan Xunrui Cloud Software Development Co., Ltd. Xunrui CMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive...
Command Execution Vulnerability in Xunrui CMS of Sichuan Xunrui Cloud Software Development Co.
Xunrui CMS is a free and open source web content management system CMS based on PHP language. Sichuan Xunrui Cloud Software Development Co., Ltd. Xunrui CMS has a command execution vulnerability that can be exploited by attackers to gain server privileges...
XunRui CMS Cross-Site Scripting Vulnerability
XunRui CMS Xunrui CMS is China Xunrui Xunrui company's set of open source content management system CMS. A cross-site scripting vulnerability exists in XunRui CMS v4.6.1, which stems from the lack of effective filtering and escaping of user-supplied data, and can be exploited by a remote attacker...
CVE-2023-43962
Cross Site Scripting vulnerability in Xunrui CMS Public Edition v.4.6.1 allows a remote attacker to execute arbitrary code via the project name function in the project settings tab...
CVE-2023-43962
Cross Site Scripting vulnerability in Xunrui CMS Public Edition v.4.6.1 allows a remote attacker to execute arbitrary code via the project name function in the project settings tab...
CVE-2023-43962
Cross Site Scripting vulnerability in Xunrui CMS Public Edition v.4.6.1 allows a remote attacker to execute arbitrary code via the project name function in the project settings tab...
PT-2024-13150 · Xunruicms · Xunruicms
Name of the Vulnerable Software and Affected Versions: Xunrui CMS Public Edition version 4.6.1 Description: The issue allows a remote attacker to execute arbitrary code via the project name function in the project settings tab. This is a Cross Site Scripting vulnerability. Recommendations: For...
CVE-2023-43962
Xunrui CMS Public Edition v4.6.1 is affected by a Cross Site Scripting vulnerability. The flaw enables a remote attacker to execute arbitrary code via the project name function in the project settings tab. The Red Hat, CNVD, CNVD, NVD, CIRCL, and CVE listings consistently describe the same issue....
XunRui CMS 安全漏洞
XunRui CMS Xunrui CMS is China Xunrui Xunrui company's set of open source content management system CMS. A cross-site scripting vulnerability exists in XunRui CMS v4.6.1, which stems from the lack of effective filtering and escaping of user-supplied data, and can be exploited by a remote attacker...