Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
luocms project luocms 2.0 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-24608
Luocms v2.0 is affected by Cross Site Scripting (XSS) in /admin/news/sort_add.php and /inc/function.php.
Luocms Project Luocms 2.0
9.8
CVSSv3
CVE-2022-24600
Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the background through SQL injection statements.
Luocms Project Luocms 2.0
7.5
CVSSv3
CVE-2022-24601
Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain sensitive information through SQL injection statements.
Luocms Project Luocms 2.0
9.8
CVSSv3
CVE-2022-24602
Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php.
Luocms Project Luocms 2.0
9.8
CVSSv3
CVE-2022-24603
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php.
Luocms Project Luocms 2.0
9.8
CVSSv3
CVE-2022-24604
Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php.
Luocms Project Luocms 2.0
9.8
CVSSv3
CVE-2022-24605
Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php.
Luocms Project Luocms 2.0
9.8
CVSSv3
CVE-2022-24606
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php.
Luocms Project Luocms 2.0
9.8
CVSSv3
CVE-2022-24607
Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php.
Luocms Project Luocms 2.0
9.8
CVSSv3
CVE-2022-24609
Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates/template_manage.php, an attacker can write an arbitrary shell file.
Luocms Project Luocms 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started