CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-44302

HIGH
8.8
CVSS Severity Score
EPSS Score0.1650%
EPSS Percentile38.76th
Published2022年2月19日
Last Modified2024年11月21日

Vulnerability Description

BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /user/ztconfig.php.

Affected Platforms (CPE)

📦
Baicloud Cms Project

Baicloud Cms

= 2.5.7

References & Advisories

🔗 https://github.com/relightsec/BaiCloud/blob/main/README.md
🔗 https://github.com/relightsec/BaiCloud/blob/main/README.md

相关漏洞威胁

CVE-2021-417299.1

BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on...

CVE-2021-3263710.0

Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_modul...

CVE-2021-3384110.0

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject ...

CVE-2021-3565210.0

Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions th...