CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CVE•added 2021/12/20 10:50 p.m.•24 views

CVE-2020-16704

CVE-2020-16704 entry is rejected and not an active vulnerability.

6.7AI score

Exploits0

Cvelist•added 2021/12/20 10:50 p.m.•5 views

CVE-2020-16704

...

Exploits0

OSV•added 2019/09/23 4:15 a.m.•3 views

CVE-2019-16704

admin/infoclassupdate.php in PHPMyWind 5.6 has stored XSS...

4.8CVSS5.8AI score0.00323EPSS

Exploits1References1

CVE•added 2019/09/23 3:44 a.m.•155 views

CVE-2019-16704

PHPMyWind 5.6 is affected by a stored XSS vulnerability in admin/infoclass_update.php. The root cause is lack of proper validation of client-side data in the web application, allowing an attacker to execute client-side code. This is documented across multiple connected sources (e.g., Red Hat RH-C...

4.8CVSS5.1AI score0.00323EPSS

Exploits1References1Affected Software1

OSV•added 2018/09/07 5:29 p.m.•2 views

CVE-2018-16704

An issue was discovered in Gleez CMS v1.2.0. Because of an Insecure Direct Object Reference vulnerability, it is possible for attackers logged in users to view profile page of other users, as demonstrated by navigating to user/3 on demo.gleezcms.org...

4.3CVSS5.8AI score0.00153EPSS

Exploits0References1

CVE•added 2018/09/07 5:0 p.m.•36 views

CVE-2018-16704

CVE-2018-16704 affects Gleez CMS v1.2.0. The issue is an Insecure Direct Object Reference that allows authenticated users to view the profile page of other users, demonstrated by accessing /user/3 on demo.gleezcms.org. This is a user-authorization bypass that could expose profile details to other...

4.3CVSS4.5AI score0.00153EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by