Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
laobancms laobancms 2.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-19220
An issue exists in LAOBANCMS 2.0. It allows remote malicious users to execute arbitrary PHP code via the host parameter to the install/ URI.
Laobancms Laobancms 2.0
9.8
CVSSv3
CVE-2018-19221
An issue exists in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.
Laobancms Laobancms 2.0
9.8
CVSSv3
CVE-2018-19222
An issue exists in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists.
Laobancms Laobancms 2.0
4.8
CVSSv3
CVE-2018-19223
An issue exists in LAOBANCMS 2.0. It allows XSS via the first input field to the admin/type.php?id=1 URI.
Laobancms Laobancms 2.0
7.5
CVSSv3
CVE-2018-19224
An issue exists in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.
Laobancms Laobancms 2.0
8.8
CVSSv3
CVE-2018-19225
An issue exists in LAOBANCMS 2.0. admin/mima.php has CSRF.
Laobancms Laobancms 2.0
5.3
CVSSv3
CVE-2018-19226
An issue exists in LAOBANCMS 2.0. It allows remote malicious users to list .txt files via a direct request for the /data/0/admin.txt URI.
Laobancms Laobancms 2.0
5.4
CVSSv3
CVE-2018-19227
An issue exists in LAOBANCMS 2.0. It allows XSS via the admin/liuyan.php neirong[] parameter.
Laobancms Laobancms 2.0
7.5
CVSSv3
CVE-2018-19228
An issue exists in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation.
Laobancms Laobancms 2.0
5.4
CVSSv3
CVE-2018-19229
An issue exists in LAOBANCMS 2.0. It allows XSS via the admin/art.php?typeid=1 biaoti parameter.
Laobancms Laobancms 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »