📦 Xunruicms
by Xunruicms
🔍 What is Xunruicms?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
XunruiCMS up to version 4.5.1 contains a remote code execution vulnerability in index.php that allows attackers to execute arbitrary code via crafted GET requests. This affects all systems running vul...
XunRuiCMS versions 4.3.3 to 4.5.1 contain a vulnerability in the cron.php add function that allows authenticated attackers to write arbitrary PHP files and include CMS PHP files, leading to remote cod...
This is a cross-site scripting (XSS) vulnerability in XunRuiCMS that allows attackers to inject malicious scripts via the JSONP callback parameter. The vulnerability affects XunRuiCMS versions up to 4...
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in dayrui XunRuiCMS up to version 4.7.1. Attackers can exploit this by manipulating the 'v' parameter in the admin79f2ec220c7e.php...
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in dayrui XunRuiCMS up to version 4.7.1. The flaw allows attackers to make unauthorized requests from the vulnerable server to int...
This Cross-Site Scripting (XSS) vulnerability in Xunruicms allows attackers to inject malicious scripts that execute in users' browsers. It affects Xunruicms versions 4.6.3 and earlier, potentially en...
This critical vulnerability in XunRuiCMS allows remote attackers to execute arbitrary code through deserialization of the 'thumb' parameter in the Api.php file. Attackers can exploit this without auth...
This vulnerability in Xunrui CMS 4.61 allows remote attackers to access sensitive information through the /dayrui/Fcms/View/system_log.html file. It affects all systems running Xunrui CMS 4.61 with th...
This vulnerability in Xunrui CMS 4.61 allows remote attackers to access sensitive information through the /config/myfield/test.php file. It affects all systems running the vulnerable version of Xunrui...
This is a cross-site scripting (XSS) vulnerability in XunRuiCMS up to version 4.7.1 that allows attackers to inject malicious scripts via the data[name] parameter on the Add Data Validation Page. The ...
This vulnerability allows attackers to inject malicious scripts via the domain name binding page in XunRuiCMS, potentially leading to cross-site scripting attacks. It affects XunRuiCMS installations u...
This is a cross-site scripting (XSS) vulnerability in XunRuiCMS up to version 4.7.1 that allows attackers to inject malicious scripts via the data[name] parameter in the admin interface. The vulnerabi...