Lucene search
K

90 matches found

Cvelist
Cvelist
added 2021/04/13 1:47 p.m.29 views

CVE-2021-30176

The ZEROF Expert pro/2.0 application for mobile devices allows SQL Injection via the Authorization header to the /v2/devices/add endpoint...

10AI score0.29036EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/12/31 12:0 a.m.5 views

PT-2020-10894 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: NetBox versions 2.6.2 and earlier Description: The issue allows an authenticated user to conduct a cross-site scripting XSS attack against an admin via a GFM-rendered field. This can be demonstrated by the "/dcim/sites/add/" endpoint,...

5.4CVSS5.1AI score0.00555EPSS
Exploits1References6
CNVD
CNVD
added 2019/01/03 12:0 a.m.3 views

UWA Cross-Site Request Forgery Vulnerability

UWA is a universal content management system CMS. A cross-site request forgery vulnerability exists in the index.php?g=admin&c=admin&a=addadmindo URL in UWA version 2.3.11. A remote attacker can exploit this vulnerability to perform unauthorized operations...

8.8CVSS6.9AI score0.00494EPSS
Exploits1References1
OSV
OSV
added 2018/11/17 3:29 p.m.5 views

CVE-2018-19327

An issue was discovered in JTBCPHP 3.0.1.7. aboutus/manage.php?type=action&action=add allows CSRF...

8.8CVSS5.8AI score0.00494EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/07 12:0 a.m.4 views

rejucms cross-site scripting vulnerability (CNVD-2018-19433)

rejucms is an online video web content management system CMS. A cross-site scripting vulnerability exists in rejucms version 2.1, which stems from the program's failure to enforce strict filtering. The vulnerability can be exploited to inject arbitrary web script or HTML by sending the 'uname'...

6.1CVSS5.9AI score0.00707EPSS
Exploits1References1
OSV
OSV
added 2018/05/13 10:29 p.m.2 views

CVE-2018-11018

An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery CSRF vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html...

8.8CVSS5.8AI score0.00614EPSS
Exploits1References1
CNVD
CNVD
added 2018/05/11 12:0 a.m.4 views

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2018-09387)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerability by sending the 'tag' parameter to the...

5.4CVSS6.3AI score0.00684EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/04/24 12:0 a.m.8 views

PT-2018-9818 · Wuzhi · Wuzhi Cms

Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: A persistent XSS issue allows remote attackers to inject arbitrary web script or HTML via the tagpinyin parameter to the "/index.php?m=tags&f=index&v=add" API endpoint. Recommendations: For WUZHI CMS versi...

6.1CVSS5.9AI score0.02582EPSS
Exploits5References5
Openbugbounty
Openbugbounty
added 2017/08/04 9:42 p.m.14 views

arhivach.org XSS vulnerability

Vulnerable URL: https://arhivach.org/add/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 02.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 16022 VIP website status:| Yes Coordinated Disclosure Timeline: Description| Value ---|---...

6.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2006/05/17 12:0 a.m.5 views

PT-2006-3389 · Dubanner · Dubanner

Name of the Vulnerable Software and Affected Versions: DUbanner version 3.1 Description: The issue allows remote attackers to execute arbitrary code by uploading files with arbitrary extensions, such as ASP files, to the add.asp endpoint, probably due to client-side enforcement that can be...

7.5CVSS7.8AI score0.03956EPSS
Exploits0References7
Rows per page
Query Builder