VYPR

Luocms

by Luocms

CVEs (10)

  • CVE-2022-24609CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.02

    Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates/template_manage.php, an attacker can write an arbitrary shell file.

  • CVE-2022-24607CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.01

    Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php.

  • CVE-2022-24606CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.01

    Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php.

  • CVE-2022-24605CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.01

    Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php.

  • CVE-2022-24604CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.01

    Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php.

  • CVE-2022-24603CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.01

    Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php.

  • CVE-2022-24602CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.01

    Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php.

  • CVE-2022-24600CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.01

    Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the background through SQL injection statements.

  • CVE-2022-24601HigMar 10, 2022
    risk 0.49cvss 7.5epss 0.01

    Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain sensitive information through SQL injection statements.

  • CVE-2022-24608MedMar 10, 2022
    risk 0.40cvss 6.1epss 0.01

    Luocms v2.0 is affected by Cross Site Scripting (XSS) in /admin/news/sort_add.php and /inc/function.php.