CVE-2020-21808 (nukeviet)
SQL Injection vulnerability in NukeViet CMS 4.0.10 – 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php. Devamını Oku
Devamını oku
CVE-2020-21808
SQL Injection vulnerability in NukeViet CMS 4.0.10 – 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php. Devamını Oku
CVE-2020-21806 (ectouch)
SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php.. Devamını Oku
CVE-2020-21806
SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php.. Devamını Oku
CVE-2020-21788
In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php. Devamını Oku
CVE-2020-21787
CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php. Devamını Oku
CVE-2020-21786
In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php. Devamını Oku
CVE-2020-21785
In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability. Devamını Oku
CVE-2020-21784
phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php. Devamını Oku
CVE-2020-21783
In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content] parameter. Devamını Oku
CVE-2020-21729
JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Devamını Oku
CVE-2020-21726
OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter. Devamını Oku