Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
super cms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-18261
In waimai Super Cms 20150505, there is an XSS vulnerability via the /admin.php/Foodcat/addsave fcname parameter.
Bijiadao Waimai Super Cms 20150505
3.5
CVSSv2
CVE-2018-15570
In waimai Super Cms 20150505, there is stored XSS via the /admin.php/Foodcat/editsave fcname parameter.
Bijiadao Waimai Super Cms 20150505
5
CVSSv2
CVE-2018-16157
waimai Super Cms 20150505 has a logic flaw allowing malicious users to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free.
Bijiadao Waimai Super Cms 20150505
4.3
CVSSv2
CVE-2018-16315
In waimai Super Cms 20150505, there is a CSRF vulnerability that can change the configuration via admin.php?m=Config&a=add.
Bijiadao Waimai Super Cms 20150505
7.5
CVSSv2
CVE-2019-3577
An issue exists in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id[0] parameter to the /product URI.
Bijiadao Waimai Super Cms 20150505
NA
CVE-2023-3788
A vulnerability, which was classified as problematic, has been found in ActiveITzone Active Super Shop CMS 2.5. This issue affects some unknown processing of the component Manage Details Page. The manipulation of the argument name/phone/address leads to cross site scripting. The ...
Activeitzone Active Super Shop 2.5
NA
CVE-2022-44244
An authentication bypass in Lin-CMS v0.2.1 allows malicious users to escalate privileges to Super Administrator.
Lin-cms Project Lin-cms 0.2.1
1 Github repository
6.8
CVSSv2
CVE-2014-4718
Multiple cross-site request forgery (CSRF) vulnerabilities in Lunar CMS prior to 3.3-3 allow remote malicious users to hijack the authentication of administrators for requests that (1) add Super users via a request to admin/user_create.php or conduct cross-site scripting (XSS) at...
Lunarcms Lunar Cms 3.3
Lunarcms Lunar Cms 3.2
Lunarcms Lunar Cms 3.1
Lunarcms Lunar Cms
1 EDB exploit
6.5
CVSSv2
CVE-2020-23722
An issue exists in FUEL CMS 1.4.7. There is a escalation of privilege vulnerability to obtain super admin privilege via the "id" and "fuel_id" parameters.
Thedaylightstudio Fuel Cms 1.4.7
6.8
CVSSv2
CVE-2018-18711
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.
Wuzhicms Wuzhi Cms 4.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »