majic-banana/vulnerability

Releases0

poc

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-48270 ↗	Nov 1, 2024Friday, 1 November 2024, 14:15	7.5 HIGH	—
An issue in the component /logins of oasys v1.1 allows attackers to access sensitive information via a burst attack.
CVE-2024-33350 ↗	Apr 29, 2024Monday, 29 April 2024, 21:15	9.8 CRITICAL	—
Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote attacker to execute arbitrary code and obtain sensitive information via the include/model/file.php component.
CVE-2024-32206 ↗	Apr 19, 2024Friday, 19 April 2024, 16:15	4.6 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the component \affiche\admin\index.php of WUZHICMS v4.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $formdata parameter.
CVE-2024-31008 ↗	Apr 3, 2024Wednesday, 3 April 2024, 06:15	6.5 MEDIUM	—
An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file.