Aggregator

CVE-2025-5432 | AssamLook CMS 1.0 /view_tender.php ID sql injection

VulDB Recent Entries
2 months 1 week ago
A vulnerability has been found in AssamLook CMS 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /view_tender.php. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2025-5432. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5431 | AssamLook CMS 1.0 /department-profile.php ID sql injection

VulDB Recent Entries
2 months 1 week ago
A vulnerability, which was classified as critical, was found in AssamLook CMS 1.0. Affected is an unknown function of the file /department-profile.php. The manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2025-5431. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5430 | AssamLook CMS 1.0 /product.php ID sql injection

VulDB Recent Entries
2 months 1 week ago
A vulnerability, which was classified as critical, has been found in AssamLook CMS 1.0. This issue affects some unknown processing of the file /product.php. The manipulation of the argument ID leads to sql injection. The identification of this vulnerability is CVE-2025-5430. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5429 | juzaweb CMS up to 3.4.2 Plugins Page /admin-cp/plugin/install access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability classified as critical was found in juzaweb CMS up to 3.4.2. This vulnerability affects unknown code of the file /admin-cp/plugin/install of the component Plugins Page. The manipulation leads to improper access controls. This vulnerability was named CVE-2025-5429. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5428 | juzaweb CMS up to 3.4.2 Error Logs Page /admin-cp/log-viewer access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2025-5428. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5427 | juzaweb CMS up to 3.4.2 Permalinks Page /admin-cp/permalinks access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin-cp/permalinks of the component Permalinks Page. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2025-5427. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5426 | juzaweb CMS up to 3.4.2 Menu Page /admin-cp/menus access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-cp/menus of the component Menu Page. The manipulation leads to improper access controls. This vulnerability is known as CVE-2025-5426. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5425 | juzaweb CMS up to 3.4.2 Theme Editor Page default access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as critical. Affected is an unknown function of the file /admin-cp/theme/editor/default of the component Theme Editor Page. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2025-5425. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5424 | juzaweb CMS up to 3.4.2 Media Page /admin-cp/media access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in juzaweb CMS up to 3.4.2 and classified as critical. This issue affects some unknown processing of the file /admin-cp/media of the component Media Page. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2025-5424. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5423 | juzaweb CMS up to 3.4.2 General Setting Page general access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability has been found in juzaweb CMS up to 3.4.2 and classified as critical. This vulnerability affects unknown code of the file /admin-cp/setting/system/general of the component General Setting Page. The manipulation leads to improper access controls. This vulnerability was named CVE-2025-5423. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5422 | juzaweb CMS up to 3.4.2 Email Logs Page /admin-cp/logs/email access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability, which was classified as problematic, was found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/logs/email of the component Email Logs Page. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2025-5422. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5421 | juzaweb CMS up to 3.4.2 Plugin Editor Page /admin-cp/plugin/editor access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability, which was classified as critical, has been found in juzaweb CMS up to 3.4.2. Affected by this issue is some unknown functionality of the file /admin-cp/plugin/editor of the component Plugin Editor Page. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2025-5421. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-5420 | juzaweb CMS up to 3.4.2 Profile Page upload Upload cross site scripting

VulDB Recent Entries
2 months 1 week ago
A vulnerability classified as problematic was found in juzaweb CMS up to 3.4.2. Affected by this vulnerability is an unknown functionality of the file /admin-cp/file-manager/upload of the component Profile Page. The manipulation of the argument Upload leads to cross site scripting. This vulnerability is known as CVE-2025-5420. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

Managed ad