CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Laobancms: Security Vulnerabilities

CVE-2018-19226

An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to list .txt files via a direct request for the /data/0/admin.txt URI.

CVSS Score

5.3

EPSS Score

0.002

Published

2018-11-12

CVE-2018-19227

An issue was discovered in LAOBANCMS 2.0. It allows XSS via the admin/liuyan.php neirong[] parameter.

CVSS Score

5.4

EPSS Score

0.002

Published

2018-11-12

CVE-2018-19228

An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation.

CVSS Score

7.5

EPSS Score

0.01

Published

2018-11-12

CVE-2018-19229

An issue was discovered in LAOBANCMS 2.0. It allows XSS via the admin/art.php?typeid=1 biaoti parameter.

CVSS Score

5.4

EPSS Score

0.002

Published

2018-11-12

Page 2

Vulnerabilities

Vulnerable Software

Laobancms: Security Vulnerabilities

Products

Pricing

Contact Us