Vulnerabilities > Laobancms

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-14	CVE-2020-18166	Unrestricted Upload of File with Dangerous Type vulnerability in Laobancms 2.0 Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc". network low complexity laobancms CWE-434 critical	9.8
2021-05-14	CVE-2020-18167	Cross-site Scripting vulnerability in Laobancms 2.0 Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Homepage Introduction" field of component "admin/info.php?shuyu". network low complexity laobancms CWE-79	4.8
2021-05-12	CVE-2020-18165	Cross-site Scripting vulnerability in Laobancms 2.0 Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu". network low complexity laobancms CWE-79	4.8
2018-11-17	CVE-2018-19328	Path Traversal vulnerability in Laobancms 2.0 LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal. network low complexity laobancms CWE-22 critical	9.8
2018-11-12	CVE-2018-19229	Cross-site Scripting vulnerability in Laobancms 2.0 An issue was discovered in LAOBANCMS 2.0. network low complexity laobancms CWE-79	5.4
2018-11-12	CVE-2018-19228	Path Traversal vulnerability in Laobancms 2.0 An issue was discovered in LAOBANCMS 2.0. network low complexity laobancms CWE-22	7.5
2018-11-12	CVE-2018-19227	Cross-site Scripting vulnerability in Laobancms 2.0 An issue was discovered in LAOBANCMS 2.0. network low complexity laobancms CWE-79	5.4
2018-11-12	CVE-2018-19226	Information Exposure vulnerability in Laobancms 2.0 An issue was discovered in LAOBANCMS 2.0. network low complexity laobancms CWE-200	5.3
2018-11-12	CVE-2018-19225	Cross-Site Request Forgery (CSRF) vulnerability in Laobancms 2.0 An issue was discovered in LAOBANCMS 2.0. network low complexity laobancms CWE-352	8.8
2018-11-12	CVE-2018-19224	Reliance on Cookies without Validation and Integrity Checking vulnerability in Laobancms 2.0 An issue was discovered in LAOBANCMS 2.0. network low complexity laobancms CWE-565	7.5

Vulnerabilities > Laobancms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Laobancms"}]}

Vulnerabilities > Laobancms