AppCMS 2.0.101 in /admin/info.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site. Devamını Oku

An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability in the background collection management that allows arbitrary file read. Devamını Oku

A storage XSS vulnerability is found in YzmCMS v5.8, which can be used by attackers to inject JS code and attack malicious XSS on the…

An issue was discovered in YzmCMS V5.8. There is a CSRF vulnerability that can add member user accounts via member/member/add.html. Devamını Oku

An issue was discovered in zzcms2020. There is a XSS vulnerability that can insert and execute JS code arbitrarily via /user/manage.php. Devamını Oku

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access. Devamını Oku

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator. Devamını Oku

WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file…

Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php. Devamını Oku

FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php. Devamını Oku