Atom CMS 漏洞列表

AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.

Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php.

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.

Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php.

AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php which allows an attacker to execute arbitrary SQL commands.

Atom CMS中存在SQL注入漏洞，此漏洞是由于未充分验证用户输入avatar.php的数据所导致的。