phtcloud-dev

2 exploits Active since Jun 2024
CVE-2024-36837 NOMISEC HIGH SCANNER
CRMEB 5.2.2 - SQL Injection via ProductController.php getProductList Function
SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in the ProductController.php file.
4 stars
CVSS 7.5
CVE-2024-39119 GITHUB MEDIUM python SCANNER
idccms v1.35 - Cross-Site Request Forgery via admin/info_deal.php
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal.php?mudi=rev&nohrefStr=close.
CVSS 5.4