
17 matches found

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-9096

Malware in sbrugna...

CVSS 8.1 | AI score 8.1 | EPSS 0.00438
Exploits: 1 | References: 2

vulnersOsv
added 2025/09/08 6:31 p.m. | 1 views

a3m (=0.1.0), aa-charlink (>=0.1.1 <=1.0.0) +2520 more potentially affected by CVE-2025-57833 via django (>=1.10.0 <=4.2.23)

django PYPI version =1.10.0, =0.1.1, =1.0.0, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =1.4.0, =1.4.2 - adede =4.1.0 and more Source cves: CVE-2025-57833 Source advisory: OSV:GHSA-6W2R-R2M5-XQ5W...

CVSS 8.1 | AI score 7.3 | EPSS 0.00074
Exploits: 4

vulnersOsv
added 2025/09/03 8:41 p.m. | 1 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +507 more potentially affected by CVE-2025-57833 via django (>=4.0.0 <=4.2.23)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2025-57833 Source advisory: SNYK:PYTHON-DJANGO-12485156...

CVSS 8.1 | AI score 7.3 | EPSS 0.00074
Exploits: 4

Patchstack
added 2025/06/12 3:37 p.m. | 3 views

WordPress MultiVendorX plugin <= 4.2.23 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin MultiVendorX versions = 4.2.23...

CVSS 8.6 | AI score 7 | EPSS 0.00053
Exploits: 0 | Affected Software: 1

OpenVAS
added 2022/09/01 12:0 a.m. | 15 views

Debian: Security Advisory (DLA-3090-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8 | AI score 7.9 | EPSS 0.226
Exploits: 1 | References: 3

OpenVAS
added 2019/03/15 12:0 a.m. | 187 views

WordPress Multiple Vulnerabilities (Mar 2019) - Windows

WordPress is prone to a cross-site request forgery CSRF vulnerability in a comment form which leads to HTML injection and cross-site scripting XSS attacks. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

CVSS 8.8 | AI score 8.2 | EPSS 0.81017
Exploits: 4 | References: 4

Tenable Nessus
added 2019/03/14 12:0 a.m. | 17 views

WordPress 4.2.x < 4.2.23 Cross-Site Scripting

According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting XSS vulnerability due to insufficient input sanitization in comment. Note that the scanner has not tested for these issues but has instead relied only on the application's...

CVSS 8.8 | AI score 6 | EPSS 0.81017
Exploits: 4 | References: 4

CNVD
added 2018/10/18 12:0 a.m. | 1 views

BigTree CMS cross-site scripting vulnerability (CNVD-2018-21319)

Fastspot BigTree is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in /admin/ajax/file-browser/upload/ in Fastspot BigTree version 4.2.23. A remote attacker can exploit this vulnerability to inject...

CVSS 6.1 | AI score 5.9 | EPSS 0.04598
Exploits: 4 | References: 1

exploitpack
added 2018/10/17 12:0 a.m. | 23 views

BigTree CMS 4.2.23 - Cross-Site Scripting

BigTree CMS 4.2.23 - Cross-Site Scripting Exploit Title: BigTree CMS 4.2.23 - Cross-Site Scripting Date: 2018-10-15 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.bigtreecms.org/ Software Link : https://github.com/bigtreecms/BigTree-CMS/ Software : BigTree CMS Version : 4.2.23...

CVSS 4.3 | AI score 6.1 | EPSS 0.04598
Exploits: 4

NVD
added 2018/10/16 10:29 p.m. | 11 views

CVE-2018-18308

In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ aka the image upload area...

CVSS 6.1 | AI score 6 | EPSS 0.04598
Exploits: 4 | References: 4

OSV
added 2018/10/16 10:29 p.m. | 10 views

CVE-2018-18308

In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ aka the image upload area...

CVSS 6.1 | AI score 5.8
Exploits: 0 | References: 4

Prion
added 2018/10/16 10:29 p.m. | 12 views

Cross site scripting

In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ aka the image upload area...

CVSS 4.3 | AI score 5.9 | EPSS 0.04598
Exploits: 4 | References: 4 | Affected Software: 1

Cvelist
added 2018/10/16 10:0 p.m. | 13 views

CVE-2018-18308

In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ aka the image upload area...

AI score 6 | EPSS 0.04598
Exploits: 4 | References: 4

0day.today
added 2018/10/15 12:0 a.m. | 17 views

BigTree CMS 4.2.23 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: BigTree CMS 4.2.23 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.bigtreecms.org/ Software Link : https://github.com/bigtreecms/BigTree-CMS/ Software : BigTree CMS Version : 4.2.23...

AI score 6.4 | EPSS 0.04598
Exploits: 4

Prion
added 2018/09/23 5:29 a.m. | 10 views

Authentication flaw

BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtreehtaccessurl=admin/images/..\ URI...

CVSS 6.8 | AI score 8.1 | EPSS 0.00438
Exploits: 1 | References: 1 | Affected Software: 1

NVD
added 2018/09/23 5:29 a.m. | 7 views

CVE-2018-17341

BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtreehtaccessurl=admin/images/..\ URI...

CVSS 8.1 | AI score 8.2 | EPSS 0.00438
Exploits: 1 | References: 1

Cvelist
added 2018/09/23 5:0 a.m. | 13 views

CVE-2018-17341

BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtreehtaccessurl=admin/images/..\ URI...

AI score 8.2 | EPSS 0.00438
Exploits: 1 | References: 1