It is possible to launch the attack remotely. The manipulation leads to files or directories accessible. Affected is an unknown function of the file /upload/ueditorConfig?action=config. VDB-239854 is the identifier assigned to this vulnerability.Ī vulnerability was found in Dreamer CMS up to 4.1.3. The exploit has been disclosed to the public and may be used. The exploitation appears to be difficult. The complexity of an attack is rather high. The manipulation of the argument contents with the input alert('xss') leads to cross site scripting. This vulnerability affects unknown code of the file install.php of the component Installation Handler. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Ī vulnerability has been found in Pluck CMS 4.7.18 and classified as problematic. The associated identifier of this vulnerability is VDB-240363. This is why information about affected and unaffected releases are unavailable. It is possible to initiate the attack remotely. The manipulation of the argument db_name leads to code injection. This affects an unknown part of the file /install/index.php. The identifier of this vulnerability is VDB-240868.Ī vulnerability classified as critical has been found in ForU CMS. Therefore, no version details for affected nor updated releases are available. This product is using a rolling release to provide continious delivery.
The manipulation of the argument del leads to denial of service.
This vulnerability affects unknown code of the file /admin/cms_admin.php. The identifier VDB-240877 was assigned to this vulnerability.Ī vulnerability classified as problematic was found in ForU CMS. The manipulation of the argument cid leads to sql injection. Affected by this vulnerability is an unknown functionality of the file /admin/cms_content.php. A vulnerability classified as critical was found in huakecms 3.0.
0 kommentar(er)
