EUVD-2018-8857

Malware in sbrugna...

File upload vulnerability in yiqiCMS (CNVD-2020-75031)

yiqiCMS is a CMS system, the product is used for enterprise building. A file upload vulnerability exists in yiqiCMS, which can be exploited by an attacker to gain control of the server...

Zhengzhou Weikou Network Technology Co., Ltd. yiqicms foreground ar***.php file SQL injection vulnerability

Yiqi CMS yiqicms is a content management system CMS for marketing-oriented enterprise websites. Zhengzhou Weikou Network Technology Co., Ltd. yiqicms front ar.php file SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive information in the database...

SQL Injection Vulnerability in yiqicms

Yiqicms is a SEO-based marketing enterprise website system, using PHP+Mysql open source building system. yiqicms SQL injection vulnerability , attackers can use the vulnerability to obtain database sensitive information...

SQL injection vulnerability in yiqicms frontend pr***.php file

Yiqi CMS yiqicms is a content management system CMS for marketing-oriented enterprise websites. A SQL injection vulnerability exists in the yiqicms front-end pr.php file. An attacker can exploit the vulnerability to obtain sensitive database information...

SQL injection vulnerability in yiqicms frontend pr***.php file

Yiqicms is a SEO-based marketing enterprise website system, using PHP+Mysql open source building system. There is a SQL injection vulnerability in the front pr.php file of yiqicms. Attackers can use this vulnerability to obtain sensitive information...

yiqicms Cross-Site Scripting Vulnerability

yiqicms is a content management system CMS for marketing enterprise websites. A cross-site scripting vulnerability exists in the comment.php file in yiqicms 2016-11-20 and earlier versions, which stems from the program only applying a length restriction to $msgtitle, which can be exploited by a...

CVE-2018-17077

An issue was discovered in yiqicms through 2016-11-20. There is stored XSS in comment.php because a length limit can be bypassed...

CVE-2018-17077

An issue was discovered in yiqicms through 2016-11-20. There is stored XSS in comment.php because a length limit can be bypassed...

Cross site scripting

An issue was discovered in yiqicms through 2016-11-20. There is stored XSS in comment.php because a length limit can be bypassed...

CVE-2018-17077

An issue was discovered in yiqicms through 2016-11-20. There is stored XSS in comment.php because a length limit can be bypassed...

CVE-2018-17077

CVE-2018-17077 affects yiqicms (pre-2016-11-20) with a stored cross-site scripting (XSS) vulnerability in the file comment.php caused by a bypassable length restriction on the message title. The CNVD/NVD records describe that an attacker can inject arbitrary script or HTML, leveraging the bypasse...

File upload vulnerability in yiqicms

Yiqicms is a marketing enterprise website system based on SEO-friendly development, using PHP+Mysql open source building system. yiqicms background article management to add categories at the upload image there is a file upload vulnerability . As only to determine whether the uploaded file type...

Cross-Site Request Forgery Vulnerability in yiqicms

Yiqicms is a SEO-based marketing enterprise website system, using PHP+Mysql open source building system. yiqicms background add admin admin/user-add.php at the existence of CSRF vulnerability , through the implantation of csrf form way , you can add the administrator account...

Stored Cross-Site Scripting Vulnerability in yiqicms

Yiqicms is a marketing enterprise website system based on SEO-friendly development, using PHP+Mysql open source building system. Yiqicms front-end stored cross-site scripting vulnerabilities. As the foreground to receive msgtitle msgname failed to filter the output code , only msgcotent parameter...

yiqicms system product-add.php has arbitrary file upload vulnerability

Yiqicms is the first marketing enterprise website system completely based on SEO-friendly development, using PHP+Mysql open source building system. Yiqicms 1.8 version of the background there are arbitrary file upload vulnerability. Allow attackers to exploit the vulnerability can upload any file...

yiqicms system delete_file.php has arbitrary file deletion vulnerability

Yiqicms is the first marketing enterprise website system completely based on SEO-friendly development, using PHP+Mysql open source building system. Yiqicms 1.8 version of the background there are arbitrary file deletion vulnerability , because the program does not limit the deletion of directorie...

Yiqicms 存储型XSS

yiqicms 最新版的1.9 留言区，跟1.8版本一样存在相同的问题。在评论区中对标题仅仅限制了30个字符长度的限制，没有进行任何。 if!pregmatch"/^.1,30$/",$msgtitle ShowMsg"请输入正确的标题"; exit; if!pregmatch"/^.1,10$/",$msgname ShowMsg"请输入您的姓名"; exit; if!pregmatch"/^.1,20$/",$msgcontact ShowMsg"请输入正确的联系方式"; exit; if!pregmatch"/^.1,200$/",$msgcontent...

An open source CMS to bypass the filtering XSS comfortably+getshell（viagra, the Shaolin Temple official website of the shots-the vulnerability warning-the black bar safety net

Brief description: I haven't at the front Desk too.。。。。 Powered by YIQICMS “Baidu for you to find relevant results about 1 7 2 0 0” Viagra official website shot Detailed description: The latest version 1. 8, The 首先 关注 /comment.php: code area if$action == "save" $msgtitle = $POST"msgtitle"; $msgna...