Security
Headlines
HeadlinesLatestCVEs

Tag

#php

qdPM 9.1 Remote Code Execution

qdPM version 9.1 authenticated remote code execution exploit that leverages a path traversal.

Packet Storm
#csrf#google#ubuntu#php#backdoor#rce#xpath#auth
CVE-2022-29682: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #36 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del.

CVE-2022-29680: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #31 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del.

CVE-2022-29689: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #28 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/del.

CVE-2022-29685: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #32 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort.

CVE-2022-29669: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #20 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan.

CVE-2022-29688: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #27 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy.

CVE-2022-29684: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #33 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/js_del.

CVE-2022-29683: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #34 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del.

CVE-2022-29686: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #29 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan.