Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Catfish Security Vulnerabilities

cve
cve

CVE-2018-10023

Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/index/pinglun (aka an authenticated...

5.4CVSS

5.1AI Score

0.001EPSS

2022-10-03 04:22 PM
31
cve
cve

CVE-2021-45018

Cross Site Scripting (XSS) vulnerability exists in Catfish <=6.3.0 via a Google search in url:/catfishcms/index.php/admin/Index/addmenu.htmland then the .html file on the website that uses this editor (the file suffix is...

6.1CVSS

5.9AI Score

0.001EPSS

2021-12-15 11:15 PM
18
cve
cve

CVE-2021-45017

Cross Site Request Forgery (CSRF) vulnerability exits in Catfish <=6.1.* when you upload an html file containing CSRF on the website that uses a google editor; you can specify the menu url address as your malicious url address in the Add Menu...

8.8CVSS

8.9AI Score

0.001EPSS

2021-12-15 11:15 PM
19
cve
cve

CVE-2020-23962

A cross site scripting (XSS) vulnerability in Catfish CMS 4.9.90 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "announcement_gonggao"...

6.1CVSS

6AI Score

0.001EPSS

2021-06-23 07:15 PM
46
3
cve
cve

CVE-2018-18734

A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS...

8.8CVSS

8.6AI Score

0.001EPSS

2018-10-29 12:29 PM
20
cve
cve

CVE-2018-18736

An XSS issue was discovered in catfish blog 2.0.33, related to "write source...

5.4CVSS

5.2AI Score

0.001EPSS

2018-10-29 12:29 PM
23
cve
cve

CVE-2018-18733

An XSS issue was discovered in Catfish CMS 4.8.30, related to "write source code," a similar issue to...

5.4CVSS

4.9AI Score

0.001EPSS

2018-10-29 12:29 PM
21
cve
cve

CVE-2018-18735

A CSRF issue was discovered in admin/Index/tiquan in catfish blog...

8.8CVSS

8.6AI Score

0.001EPSS

2018-10-29 12:29 PM
20
cve
cve

CVE-2018-13999

Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an...

4.8CVSS

5AI Score

0.001EPSS

2018-07-12 12:29 PM
18
cve
cve

CVE-2014-2096

Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 allows local users to gain privileges via a Trojan horse bin/catfish.py under the current working...

6.2AI Score

0.0004EPSS

2014-02-26 02:55 PM
27
cve
cve

CVE-2014-2093

Untrusted search path vulnerability in Catfish through 0.4.0.3 allows local users to gain privileges via a Trojan horse catfish.py in the current working...

6.2AI Score

0.0004EPSS

2014-02-26 02:55 PM
21
cve
cve

CVE-2014-2094

Untrusted search path vulnerability in Catfish through 0.4.0.3, when a Fedora package such as 0.4.0.2-2 is not used, allows local users to gain privileges via a Trojan horse catfish.pyc in the current working...

6.4AI Score

0.0004EPSS

2014-02-26 02:55 PM
24
cve
cve

CVE-2014-2095

Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under the current working...

6.4AI Score

0.0004EPSS

2014-02-26 02:55 PM
19