Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Gxlcms Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-20975 1 Gxlcms 1 Gxlcms 2021-08-20 7.5 HIGH 9.8 CRITICAL
In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter.
CVE-2018-9852 1 Gxlcms 1 Gxlcms Qy 2020-01-30 5.0 MEDIUM 9.8 CRITICAL
In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated hy sid=user,password%20from%20mysql.user%23.
CVE-2018-18488 1 Gxlcms 1 Gxlcms 2018-11-30 7.5 HIGH 9.8 CRITICAL
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.
CVE-2018-14685 1 Gxlcms 1 Gxlcms 2018-09-28 5.0 MEDIUM 9.8 CRITICAL
The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote attackers to read arbitrary files via a crafted index.php?s=Admin-Tpl-ADD-id request, related to Lib/Common/Admin/function.php.
CVE-2018-9848 1 Gxlcms 1 Gxlcms Qy 2018-05-14 7.5 HIGH 9.8 CRITICAL
In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the config[upload_class] value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an Admin-Upload-Upload request.
CVE-2018-9847 1 Gxlcms 1 Gxlcms Qy 2018-05-14 7.5 HIGH 9.8 CRITICAL
In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.
CVE-2018-9247 1 Gxlcms 1 Gxlcms Qy 2018-05-09 7.5 HIGH 9.8 CRITICAL
The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter. Consequently, an attacker can execute arbitrary PHP code by placing it after a <?php substring, and then using INTO OUTFILE with a .php filename.