Lucene search
K

12 matches found

CVE
CVE
added 2026/06/09 8:49 p.m.29 views

CVE-2026-25557

CVE-2026-25557 affects Evoluted PHP Directory Listing Script

5.4CVSS5.5AI score0.00187EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 8:49 p.m.8 views

CVE-2026-25557 Evoluted PHP Directory Listing Script 4.0.5 Reflected XSS via dir parameter

Evoluted PHP Directory Listing Script through 4.0.5 contains a reflected cross-site scripting vulnerability in index.php where the dir parameter value is reflected without HTML encoding inside the HTML title element and inside anchor href attributes in the breadcrumb navigation. Attackers can...

5.4CVSS5.5AI score0.00187EPSS
Exploits0References3
Circl
Circl
added 2026/03/21 3:2 p.m.4 views

CVE-2019-25557

creationtimestamp| type| source ---|---|--- 2026-03-21 15:02:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhlcgbc3oj2u...

6.9CVSS5.8AI score0.00176EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:6 a.m.6 views

CVE-2022-25557

Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service DoS via the urls parameter...

7.8CVSS7.5AI score0.01219EPSS
Exploits1References1
Oracle linux
Oracle linux
added 2024/06/18 12:0 a.m.30 views

container-tools:ol8 bug fix and enhancement update

aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...

4.9CVSS7.3AI score0.02085EPSS
Exploits0
CVE
CVE
added 2023/02/10 10:3 p.m.53 views

CVE-2023-25557

Summary: CVE-2023-25557 affects DataHub’s frontend proxy, which forwards REST/GraphQL requests to the DataHub Metadata Store (GMS). The proxy may mishandle URL construction when relaying requests, enabling a Server-Side Request Forgery (SSRF) where an attacker could redirect a frontend-originated...

9.1CVSS8.7AI score0.00684EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/10 10:3 p.m.7 views

CVE-2023-25557 Server-Side Request Forgery in DataHub

DataHub is an open-source metadata platform. The DataHub frontend acts as a proxy able to forward any REST or GraphQL requests to the backend. The goal of this proxy is to perform authentication if needed and forward HTTP requests to the DataHub Metadata Store GMS. It has been discovered that the...

7.5CVSS8.2AI score0.00684EPSS
Exploits0References1
CVE
CVE
added 2022/03/09 6:27 p.m.83 views

CVE-2022-25557

CVE-2022-25557 affects Tenda AX1806 v1.0.0.1. A heap overflow in the function saveParentControlInfo has been identified, which can allow an attacker to trigger a Denial of Service (DoS) via the urls parameter. The vulnerability is documented across multiple feeds (e.g., NVD/NIST, CNVD, Red Hat ad...

7.8CVSS7.6AI score0.01219EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2021/01/28 12:0 a.m.163 views

CMSUno 1.6.2 Remote Code Execution

!/usr/bin/env ruby Exploit Title: CMSUno 1.6.1 = 1.6.2 - Remote Code Execution Authenticated Google Dorks: inurl:uno/central.php inurl:uno/config.php inurl:uno.php intitle:"CMSUno - Login" Author: noraj Alexandre ZANNI for SEC-IT https://secit.fr Author website: https://pwn.by/noraj/ Date:...

6.5CVSS0.1AI score0.09852EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/01/28 12:0 a.m.362 views

CMSUno 1.6.2 - 'lang' Remote Code Execution (Authenticated)

Exploit Title: CMSUno 1.6.2 - 'lang/user' Remote Code Execution Authenticated Google Dorks: inurl:uno/central.php inurl:uno/config.php inurl:uno.php intitle:"CMSUno - Login" Exploit Author: noraj Alexandre ZANNI for SEC-IT https://secit.fr https://www.exploit-db.com/?author=10066 Vendor Homepage:...

8.8CVSS8.7AI score0.09852EPSS
Exploits4
Circl
Circl
added 2020/11/13 6:33 p.m.7 views

CVE-2020-25557

creationtimestamp| type| source ---|---|--- 2020-11-13 18:33:51+00:00| seen| https://t.me/cibsecurity/16297...

8.8CVSS8.1AI score0.09852EPSS
Exploits3References1
CVE
CVE
added 2020/11/13 3:25 p.m.120 views

CVE-2020-25557

CMSUno 1.6.2 is affected by a code-injection vulnerability where an attacker can inject PHP code via the username field while changing their username/password. When the attacker logs in, the injected code executes, enabling an authenticated user to run commands on the server. Public advisories (e...

8.8CVSS8.7AI score0.09852EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder