Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the background through SQL injection statements.
9.8CVSS
9.9AI Score
0.002EPSS
Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain sensitive information through SQL injection statements.
7.5CVSS
7.8AI Score
0.002EPSS
9.8CVSS
9.9AI Score
0.002EPSS
9.8CVSS
9.9AI Score
0.002EPSS
9.8CVSS
9.9AI Score
0.002EPSS
9.8CVSS
9.9AI Score
0.002EPSS
9.8CVSS
9.9AI Score
0.002EPSS
9.8CVSS
9.9AI Score
0.002EPSS
Luocms v2.0 is affected by Cross Site Scripting (XSS) in /admin/news/sort_add.php and /inc/function.php.
6.1CVSS
6AI Score
0.001EPSS
Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates/template_manage.php, an attacker can write an arbitrary shell file.
9.8CVSS
9.5AI Score
0.004EPSS