目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

cms 产品漏洞列表 / CVE 中文分析 221

cms 产品相关 221 条漏洞,AI 中文标题与摘要、CVSS、POC 一站汇总。

ベンダー: Mambo

CVE IDタイトルCVSS深刻度公開日
CVE-2024-7106 Spina CMS media_folders cross-site request forgery CWE-352 4.3 Medium2024-07-25
CVE-2024-41800 Craft CMS Allows TOTP Token To Stay Valid After Use CWE-287 4.8 Medium2024-07-25
CVE-2024-7065 Spina CMS cross-site request forgery CWE-352 4.3 Medium2024-07-24
CVE-2024-6947 Flute CMS Notification ContentParser.php replaceContent code injection CWE-94 4.7 Medium2024-07-21
CVE-2024-6946 Flute CMS list code injection CWE-94 4.7 Medium2024-07-21
CVE-2024-6945 Flute CMS Avatar Upload Page ImagesController.php unrestricted upload CWE-434 6.3 Medium2024-07-21
CVE-2024-36119 Password confirmation stored in plain text via registration form in statamic/cms CWE-312 1.8 Low2024-05-30
CVE-2024-3311 Dreamer CMS ThemesController.java ZipUtils.unZipFiles path traversal CWE-22 6.3 Medium2024-04-04
CVE-2024-3118 Dreamer CMS Attachment permission CWE-275 6.3 Medium2024-03-31
CVE-2024-2354 Dreamer CMS toEdit cross-site request forgery CWE-352 4.3 Medium2024-03-10
CVE-2024-24570 Statamic account takeover via XSS and password reset link CWE-79 8.2 High2024-02-01
CVE-2024-0729 ForU CMS cms_admin.php sql injection CWE-89 5.5 Medium2024-01-19
CVE-2024-0728 ForU CMS channel.php file inclusion CWE-73 4.7 Medium2024-01-19
CVE-2024-0648 Yunyou CMS Common.php unrestricted upload CWE-434 7.3 High2024-01-17
CVE-2024-0426 ForU CMS cms_template.php sql injection CWE-89 6.3 Medium2024-01-11
CVE-2024-0425 ForU CMS password recovery CWE-640 5.3 Medium2024-01-11
CVE-2024-21622 Craft CMS Privilege Escalation CWE-269 5.4 Medium2024-01-03
CVE-2023-7091 Dreamer CMS uploadFile unrestricted upload CWE-434 6.3 Medium2023-12-24
CVE-2023-48701 Statamic CMS vulnerable to Cross-site Scripting via uploaded assets CWE-79 7.5 High2023-11-21
CVE-2023-48217 Remote code execution via form uploads in statamic/cms CWE-94 8.8 High2023-11-14
CVE-2023-47129 Statamic CMS remote code execution via front-end form uploads CWE-434 8.4 High2023-11-10
CVE-2023-5812 flusity CMS upload.php handleFileUpload unrestricted upload CWE-434 4.7 Medium2023-10-27
CVE-2023-5811 flusity CMS posts.php loadPostAddForm cross site scripting CWE-79 2.4 Low2023-10-27
CVE-2023-5810 flusity CMS posts.php loadPostAddForm cross site scripting CWE-79 2.4 Low2023-10-27
CVE-2023-5793 flusity CMS Dashboard customblock.php loadCustomBlocCreateForm cross site scripting CWE-79 3.5 Low2023-10-26
CVE-2023-5259 ForU CMS cms_admin.php denial of service CWE-404 2.7 Low2023-09-29
CVE-2023-5221 ForU CMS index.php code injection CWE-94 4.7 Medium2023-09-27
CVE-2023-5013 Pluck CMS Installation install.php cross site scripting CWE-79 2.6 Low2023-09-16
CVE-2023-41892 Craft CMS Remote Code Execution vulnerability CWE-94 10.0 Critical2023-09-13
CVE-2023-4743 Dreamer CMS file access CWE-552 3.1 Low2023-09-03

cms 产品累计公开 221 条 CVE 漏洞,本页提供按时间倒序的完整列表,包含 CVSS、CWE、AI 中文摘要与可获取的 POC 链接。