Advisories for Composer/Genix/Cms package

2022
2018
2017

Code Injection

In the Upload Modules page, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module.

Improper Input Validation

GeniXCMS allows remote attackers to cause a denial of service (account blockage) by leveraging the mishandling of certain username substring relationships, such as the admin<script> username versus the admin username, related to register.php, User.class.php, and Type.class.php.

Improper Authentication

forgotpassword.php lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests.

SQL Injection

GeniXCMS has an SQL Injection in inc/lib/Control/Backend/menus.control.php that can be exploited via the menuid parameter.

Code Injection

GeniXCMS allows remote attackers to bypass the alertDanger MSG_USER_EMAIL_EXIST protection mechanism via a register.php?act=edit&id=1 request.

SQL Injection

SQL injection vulnerability in register.php in GeniXCMS allows remote attackers to execute arbitrary SQL commands via the activation parameter.