Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNVD
CNVDadded 2021/10/21 12:0 a.m.15 views

Portlandlabs Concrete5 Cross-Site Scripting Vulnerability (CNVD-2021-94047)

Portlandlabs Concrete5 is an open source content management system CMS from PortlandLabs, Inc. A cross-site scripting vulnerability exists in Portlandlabs Concrete5 crete5-legacy 5.6.4.0 and prior versions, which can be exploited by remote attackers to "mode" parameter to inject arbitrary web...

6.1CVSS1.9AI score0.00283EPSS
Exploits1References1
NVD
NVDadded 2021/10/01 4:15 p.m.9 views

CVE-2021-41464

Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...

6.1CVSS0.00283EPSS
Exploits1References2
OSV
OSVadded 2021/10/01 4:15 p.m.10 views

CVE-2021-41462

Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the ctID parameter...

6.1CVSS5.9AI score
Exploits0References2
CVE
CVEadded 2021/10/01 3:42 p.m.34 views

CVE-2021-41464

CVE-2021-41464 affects concrete5-legacy 5.6.4.0 and earlier; Cross-site scripting via concrete/elements/collection_add.php (rel parameter) allows remote attackers to inject arbitrary web script/HTML. This is confirmed by multiple sources (NVD, Red Hat, CNVD). The provided documents do not specify...

6.1CVSS6AI score0.00283EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2021/10/01 3:42 p.m.33 views

CVE-2021-41465

CVE-2021-41465 affects concrete5-legacy 5.6.4.0 and earlier. The issue is a cross-site scripting (XSS) vulnerability in the file collection_theme.php , exploitable via the rel parameter, enabling remote attackers to inject arbitrary web script or HTML. The connected documents corroborate the affe...

6.1CVSS6AI score0.00283EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2021/10/01 3:42 p.m.29 views

CVE-2021-41462

CVE-2021-41462 : In concrete5-legacy versions ≤ 5.6.4.0, a cross-site scripting (XSS) flaw exists in concrete/elements/collection_add.php via the ctID parameter. This allows remote attackers to inject arbitrary web script or HTML. The affected product is concrete5-legacy 5.6.4.0 and earlier. The ...

6.1CVSS6AI score0.00283EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2021/10/01 12:0 a.m.3 views

Portlandlabs Concrete5 跨站脚本漏洞

Portlandlabs Concrete5 is an open source content management system CMS from PortlandLabs, Inc. A cross-site scripting vulnerability exists in Portlandlabs Concrete5 crete5-legacy 5.6.4.0 and prior versions, which can be exploited by remote attackers to "mode" parameter to inject arbitrary web...

6.1CVSS5.5AI score0.00283EPSS
Exploits1References2
Rows per page
Query Builder