SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_set_mask() function in jocms/apps/mask/mask.php.
SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_delete_mask function in jocms/apps/mask/mask.php.
SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_json_check function in jocms/apps/mask/inc/getmask.php.
Cross Site Request Forgery vulnerability in imcat 5.4 allows remote attackers to escalate privilege via lack of token verification.
Cross Site Request Forgery (CSRF) vulnerability in imcat 5.4 allows remote attackers to gain escalated privileges via flaws one time token generation on the add administrator page.
SQL injection vulnerability in JIZHICMS 1.9.5 allows attackers to run arbitrary SQL commands via add or edit article page.
Buffer Overflow vulnerability in Allegro through 5.2.6 allows attackers to cause a denial of service via crafted PCX/TGA/BMP files to allegro_image addon.
Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command.
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file.
Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.