Gxlcms (gxlcms)

15 CVEs, 2 products

Products (2)

- Gxlcms (gxlcms)
- Gxlcms Qy (gxlcms_qy)

CVEs (15)

Columns: Vendor | Product | Updated | Published | CVSS (v4 / v3 / v2)

1. Gxlcms | Gxlcms | Nov 21, 2024 | Aug 12, 2021 | v4 N/A / v3 9.8 CRITICAL / v2 7.5 HIGH
   In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter.

2. Gxlcms | Gxlcms | Nov 21, 2024 | Oct 18, 2018 | v4 N/A / v3 9.8 CRITICAL / v2 7.5 HIGH
   In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.

3. Gxlcms | Gxlcms | Nov 21, 2024 | Oct 18, 2018 | v4 N/A / v3 7.5 HIGH / v2 5.0 MEDIUM
   In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations.

4. Gxlcms | Gxlcms | Nov 21, 2024 | Sep 7, 2018 | v4 N/A / v3 6.1 MEDIUM / v2 4.3 MEDIUM
   Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkException.tpl.php.

5. Gxlcms | Gxlcms | Nov 21, 2024 | Sep 5, 2018 | v4 N/A / v3 4.9 MEDIUM / v2 4.0 MEDIUM
   Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator.

6. Gxlcms | Gxlcms | Nov 21, 2024 | Sep 5, 2018 | v4 N/A / v3 7.2 HIGH / v2 6.5 MEDIUM
   Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator.

7. Gxlcms | Gxlcms | Nov 21, 2024 | Aug 8, 2018 | v4 N/A / v3 8.8 HIGH / v2 6.8 MEDIUM
   In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account.

8. Gxlcms | Gxlcms | Nov 21, 2024 | Jul 28, 2018 | v4 N/A / v3 9.8 CRITICAL / v2 5.0 MEDIUM
   The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote attackers to read arbitrary files via a crafted index.php?s=Admin-Tpl-ADD-id request, related to Lib/Common/Admin/function.php.

9. Gxlcms | Gxlcms Qy | Nov 21, 2024 | Apr 8, 2018 | v4 N/A / v3 9.8 CRITICAL / v2 5.0 MEDIUM
   In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated by sid=user,password%20from%20mysql.user%23.

10. Gxlcms | Gxlcms Qy | Nov 21, 2024 | Apr 8, 2018 | v4 N/A / v3 7.5 HIGH / v2 5.0 MEDIUM
   In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to read any file via a modified pathname in an Admin-Tpl request, as demonstrated by use of '|' instead of '/' as a directory separator, in conjunction with a ".." sequence.

11. Gxlcms | Gxlcms Qy | Nov 21, 2024 | Apr 8, 2018 | v4 N/A / v3 7.5 HIGH / v2 6.4 MEDIUM
   In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\DataAction.class.php allows remote attackers to delete any file via directory traversal sequences in the id parameter of an Admin-Data-del request.

12. Gxlcms | Gxlcms Qy | Nov 21, 2024 | Apr 7, 2018 | v4 N/A / v3 9.8 CRITICAL / v2 7.5 HIGH
   In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the config[upload_class] value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an Admin-Upload-Upload request.

13. Gxlcms | Gxlcms Qy | Nov 21, 2024 | Apr 7, 2018 | v4 N/A / v3 9.8 CRITICAL / v2 7.5 HIGH
   In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

14. Gxlcms | Gxlcms Qy | Nov 21, 2024 | Apr 4, 2018 | v4 N/A / v3 9.8 CRITICAL / v2 7.5 HIGH
   The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter. Consequently, an attacker can execute arbitrary PHP code by placing it after a <?php substring, and then using INTO OUTFILE with a .php filename.

15. Gxlcms | Gxlcms | May 13, 2026 | Oct 3, 2017 | v4 N/A / v3 7.5 HIGH / v2 5.0 MEDIUM
   Gxlcms uses an unsafe character-replacement approach in an attempt to restrict access, which allows remote attackers to read arbitrary files via modified pathnames in the s parameter to index.php, related to Lib/Admin/Action/TplAction.class.php and Lib/Admin/Common/function.php.