Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
laobancms laobancms 2.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-19229
An issue exists in LAOBANCMS 2.0. It allows XSS via the admin/art.php?typeid=1 biaoti parameter.
Laobancms Laobancms 2.0
4.8
CVSSv3
CVE-2020-18165
Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote malicious users to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu".
Laobancms Laobancms 2.0
9.8
CVSSv3
CVE-2020-18166
Unrestricted File Upload in LAOBANCMS v2.0 allows remote malicious users to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc".
Laobancms Laobancms 2.0
4.8
CVSSv3
CVE-2020-18167
Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote malicious users to execute arbitrary code by injecting commands into the "Homepage Introduction" field of component "admin/info.php?shuyu".
Laobancms Laobancms 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2