CVE-2020-35972
An issue was discovered in YzmCMS V5.8. There is a CSRF vulnerability that can add member user accounts via member/member/add.html. Devamını Oku
Devamını oku
CVE-2020-35971
A storage XSS vulnerability is found in YzmCMS v5.8, which can be used by attackers to inject JS code and attack malicious XSS on the /admin/system_manage/user_config_edit.html page. Devamını Oku
CVE-2020-35970
An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability in the background collection management that allows arbitrary file read. Devamını Oku
CVE-2020-35856 (orion_platform)
SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page. Devamını Oku
CVE-2020-35856
SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page. Devamını Oku
CVE-2020-35762 (bloofoxcms)
bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows attackers to read local files. Devamını Oku
CVE-2020-35762
bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows attackers to read local files. Devamını Oku
CVE-2020-35761 (bloofoxcms)
bloofoxCMS 0.5.2.1 is infected with XSS that allows remote attackers to execute arbitrary JS/HTML Code. Devamını Oku
CVE-2020-35761
bloofoxCMS 0.5.2.1 is infected with XSS that allows remote attackers to execute arbitrary JS/HTML Code. Devamını Oku
CVE-2020-35760 (bloofoxcms)
bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files). Devamını Oku
CVE-2020-35760
bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files). Devamını Oku
CVE-2020-35759 (bloofoxcms)
bloofoxCMS 0.5.2.1 is infected with a CSRF Attack that leads to an attacker editing any file content (Locally/Remotely). Devamını Oku