CVE-2025-5033
- EPSS 0.06%
- Veröffentlicht 21.05.2025 17:31:08
- Zuletzt bearbeitet 20.06.2025 16:15:38
A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cr...
CVE-2023-27090
- EPSS 0.11%
- Veröffentlicht 20.04.2023 20:15:07
- Zuletzt bearbeitet 05.02.2025 15:15:17
Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter.
CVE-2023-27091
- EPSS 0.08%
- Veröffentlicht 04.04.2023 18:15:07
- Zuletzt bearbeitet 18.02.2025 18:15:14
An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate privileges via the id and keywords parameter(s).
CVE-2023-1616
- EPSS 0.12%
- Veröffentlicht 24.03.2023 08:15:07
- Zuletzt bearbeitet 21.11.2024 07:39:32
A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input <script>alert(document.cookie)</script> leads t...
CVE-2023-1483
- EPSS 0.06%
- Veröffentlicht 18.03.2023 10:15:11
- Zuletzt bearbeitet 21.11.2024 07:39:16
A vulnerability has been found in XiaoBingBy TeaCMS up to 2.0.2 and classified as critical. This vulnerability affects unknown code of the file /admin/getallarticleinfo. The manipulation of the argument searchInfo leads to sql injection. The attack c...
CVE-2023-1398
- EPSS 0.12%
- Veröffentlicht 14.03.2023 15:15:12
- Zuletzt bearbeitet 21.11.2024 07:39:06
A vulnerability classified as critical was found in XiaoBingBy TeaCMS 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/upload. The manipulation leads to path traversal: '../filedir'. The attack can be launched remote...