VYPR

狮子鱼CMS

by CMS

CVEs (4)

  • CVE-2021-4328MedMar 2, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in 狮子鱼CMS and classified as critical. Affected by this vulnerability is the function goods_detail of the file ApiController.class.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launched remotely. The…

  • CVE-2009-0493Feb 10, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier allows remote attackers to execute arbitrary SQL commands via the Username.

  • CVE-2008-2192May 14, 2008
    risk 0.03cvss epss 0.04

    Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote attackers to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter.

  • CVE-2007-4115Jul 31, 2007
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote attackers to inject arbitrary web script or HTML via the wndtitle parameter to (1) lang-en.php, (2) menu-ed.php, or (3) titletext-ed.php.