CVE-2018-14977
An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest.php has XSS, as demonstrated by the name parameter, a different vulnerability than CVE-2018-8070.
Source: CVE-2018-14977
[월:] 2018년 08월
CVE-2018-14961
CVE-2018-14961
dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter.
Source: CVE-2018-14961
CVE-2018-14973
CVE-2018-14973
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has XSS.
Source: CVE-2018-14973
CVE-2018-14971
CVE-2018-14971
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has XSS.
Source: CVE-2018-14971
CVE-2018-14972
CVE-2018-14972
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS.
Source: CVE-2018-14972
CVE-2018-14969
CVE-2018-14969
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS.
Source: CVE-2018-14969
CVE-2018-14970
CVE-2018-14970
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/slideshow.php has XSS.
Source: CVE-2018-14970
CVE-2018-14967
CVE-2018-14967
An issue was discovered in EMLsoft 5.4.5. uploademlactionaction.user.php has SQL Injection via the numPerPage parameter.
Source: CVE-2018-14967
CVE-2018-14968
CVE-2018-14968
An issue was discovered in EMLsoft 5.4.5. uploademlactionaction.address.php has SQL Injection via the numPerPage parameter.
Source: CVE-2018-14968
CVE-2018-14965
CVE-2018-14965
An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows CSRF.
Source: CVE-2018-14965