Vulnerabilities > Gxlcms > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-18 | CVE-2018-18487 | Information Exposure vulnerability in Gxlcms 2.0 In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations. | 5.0 |
2018-09-07 | CVE-2018-16655 | Cross-site Scripting vulnerability in Gxlcms 1.0 Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkException.tpl.php. | 4.3 |
2018-09-05 | CVE-2018-16437 | Path Traversal vulnerability in Gxlcms 2.0 Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator. | 4.0 |
2018-09-05 | CVE-2018-16436 | SQL Injection vulnerability in Gxlcms 2.0 Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator. | 6.5 |
2018-08-08 | CVE-2018-15177 | Cross-Site Request Forgery (CSRF) vulnerability in Gxlcms 2.0 In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account. | 6.8 |
2018-07-28 | CVE-2018-14685 | Information Exposure vulnerability in Gxlcms 1.1.4 The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote attackers to read arbitrary files via a crafted index.php?s=Admin-Tpl-ADD-id request, related to Lib/Common/Admin/function.php. | 5.0 |
2018-04-08 | CVE-2018-9852 | Information Exposure vulnerability in Gxlcms QY 1.0.0713 In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated hy sid=user,password%20from%20mysql.user%23. | 5.0 |
2018-04-08 | CVE-2018-9851 | Path Traversal vulnerability in Gxlcms QY 1.0.0713 In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to read any file via a modified pathname in an Admin-Tpl request, as demonstrated by use of '|' instead of '/' as a directory separator, in conjunction with a ".." sequence. | 5.0 |
2018-04-08 | CVE-2018-9850 | Path Traversal vulnerability in Gxlcms QY 1.0.0713 In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\DataAction.class.php allows remote attackers to delete any file via directory traversal sequences in the id parameter of an Admin-Data-del request. | 6.4 |
2017-10-03 | CVE-2017-14979 | Unspecified vulnerability in Gxlcms Gxlcms uses an unsafe character-replacement approach in an attempt to restrict access, which allows remote attackers to read arbitrary files via modified pathnames in the s parameter to index.php, related to Lib/Admin/Action/TplAction.class.php and Lib/Admin/Common/function.php. | 5.0 |