CVE-2022-29667
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos.
Source: CVE-2022-29667
[월:] 2022년 05월
CVE-2022-29669
CVE-2022-29669
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan.
Source: CVE-2022-29669
CVE-2022-1664
CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.
Source: CVE-2022-1664
CVE-2022-29682
CVE-2022-29682
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del.
Source: CVE-2022-29682
CVE-2022-29663
CVE-2022-29663
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy.
Source: CVE-2022-29663
CVE-2022-29685
CVE-2022-29685
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort.
Source: CVE-2022-29685
CVE-2022-29660
CVE-2022-29660
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del.
Source: CVE-2022-29660
CVE-2022-29686
CVE-2022-29686
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan.
Source: CVE-2022-29686
CVE-2022-29664
CVE-2022-29664
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save.
Source: CVE-2022-29664
CVE-2022-29681
CVE-2022-29681
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del.
Source: CVE-2022-29681