OpenCVE

Filtered by vendor Luocms Project Subscriptions

Total 10 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-24609	1 Luocms Project	1 Luocms	2024-11-21	9.8 Critical
Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates/template_manage.php, an attacker can write an arbitrary shell file.
CVE-2022-24608	1 Luocms Project	1 Luocms	2024-11-21	6.1 Medium
Luocms v2.0 is affected by Cross Site Scripting (XSS) in /admin/news/sort_add.php and /inc/function.php.
CVE-2022-24607	1 Luocms Project	1 Luocms	2024-11-21	9.8 Critical
Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php.
CVE-2022-24606	1 Luocms Project	1 Luocms	2024-11-21	9.8 Critical
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php.
CVE-2022-24605	1 Luocms Project	1 Luocms	2024-11-21	9.8 Critical
Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php.
CVE-2022-24604	1 Luocms Project	1 Luocms	2024-11-21	9.8 Critical
Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php.
CVE-2022-24603	1 Luocms Project	1 Luocms	2024-11-21	9.8 Critical
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php.
CVE-2022-24602	1 Luocms Project	1 Luocms	2024-11-21	9.8 Critical
Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php.
CVE-2022-24601	1 Luocms Project	1 Luocms	2024-11-21	7.5 High
Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain sensitive information through SQL injection statements.
CVE-2022-24600	1 Luocms Project	1 Luocms	2024-11-21	9.8 Critical
Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the background through SQL injection statements.

Page 1 of 1.