3 matches found
CVE-2018-18619
CVE-2018-18619 : The vulnerability affects the web app Advanced Comment System 1.0 , in the file internal/advanced_comment_system/admin.php . It is prone to an SQL injection because user-supplied data is not sufficiently sanitized before use in an SQL query, enabling remote attackers to trigger t...
CVE-2020-35598
ACS Advanced Comment System 1.0 is affected by Local File Inclusion/Directory Traversal via advanced_component_system/index.php?ACS_path=..%2f. The Nuclei template and Exploit-DB entry confirm path traversal can lead to viewing sensitive files (e.g., /etc/passwd) and indicate potential remote cod...
CVE-2018-18845
Summary of CVE-2018-18845 (Advanced Comment System): The affected product is Advanced Comment System, version 1.0. The vulnerability is a reflected cross-site scripting (XSS) flaw in internal/advanced_comment_system/index.php and internal/advanced_comment_system/admin.php via ACS_path. A remote, ...