CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

326 matches found

EUVD•added 2022/11/21 9:30 p.m.•5 views

EUVD-2022-7343

Cross-site Scripting in Backdrop CMS...

4.8CVSS4.9AI score0.0196EPSS

Exploits1References5

OSV•added 2022/11/21 9:30 p.m.•18 views

GHSA-G8JW-8VPV-PV5Q Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via Post content. The account must have admin privileges...

4.8CVSS4.9AI score0.0196EPSS

Exploits1References5

Github Security Blog•added 2022/11/21 9:30 p.m.•29 views

Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via Post content. The account must have admin privileges...

4.8CVSS5AI score0.0196EPSS

Exploits1References6Affected Software1

NVD•added 2022/11/21 9:15 p.m.•14 views

CVE-2022-42096

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via Post content...

4.8CVSS0.0196EPSS

Exploits1References4

OSV•added 2022/11/21 9:15 p.m.•29 views

CVE-2022-42096

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via Post content...

4.8CVSS5AI score0.0196EPSS

Exploits1References4

Prion•added 2022/11/21 9:15 p.m.•18 views

Cross site scripting

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via Post content...

4.3CVSS4.9AI score0.0196EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2022/11/21 12:0 a.m.•5 views

CVE-2022-42096

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via Post content...

4.9AI score0.0196EPSS

Exploits1References4

CVE•added 2022/11/21 12:0 a.m.•105 views

CVE-2022-42096

Backdrop CMS 1.23.0 contains a stored XSS in Post content. Exploitation requires authenticated content-creation/administrative privileges (per sources). An attacker can inject malicious JavaScript that may be executed when posts are viewed, potentially compromising administrator sessions. Remedia...

4.8CVSS4.8AI score0.0196EPSS

Exploits1References4Affected Software1

CNNVD•added 2022/11/21 12:0 a.m.•5 views

Backdrop CMS 跨站脚本漏洞

Backdrop CMS is an open source content management system CMS. A security vulnerability exists in Backdrop CMS version 1.23.0, which stems from stored cross-site scripting in its Post component...

4.8CVSS4.9AI score0.0196EPSS

Exploits1References5

Cvelist•added 2022/11/21 12:0 a.m.•24 views

CVE-2022-42096

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via Post content...

5.2AI score0.0196EPSS

Exploits1References4

Tenable Nessus•added 2022/11/03 12:0 a.m.•34 views

Oracle Linux 7 : pcs (ELSA-2022-7343)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7343 advisory. 0.9.169-3.0.1 - replace logo pcsd/public/favicon.ico in tarball - remove Source1 HAM-logo.png 0.9.169-3.el73.2 - Update rubygem rack - Upgrade jquery i...

10CVSS7AI score0.87218EPSS

Exploits4References3

OSV•added 2022/10/07 6:15 p.m.•16 views

GHSA-33C9-RPPF-M7FQ Backdrop CMS Unrestricted File Upload vulnerability

Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via themes that allows attackers to achieve Remote Code Execution...

7.2CVSS7.2AI score0.01468EPSS

Exploits2References3

Github Security Blog•added 2022/10/07 6:15 p.m.•30 views

Backdrop CMS Unrestricted File Upload vulnerability

Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via themes that allows attackers to achieve Remote Code Execution...

7.2CVSS7AI score0.01468EPSS

Exploits2References3Affected Software1

ATTACKERKB•added 2022/10/07 6:15 p.m.•4 views

CVE-2022-42092

Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. Note: Third parties dispute this and argue that advanced permissions are required...

7.2CVSS5.9AI score0.01468EPSS

Exploits2References2

NVD•added 2022/10/07 6:15 p.m.•13 views

CVE-2022-42092

7.2CVSS0.01468EPSS

Exploits2References1

OSV•added 2022/10/07 6:15 p.m.•17 views

CVE-2022-42092

7.2CVSS7.2AI score

Exploits0References1

Prion•added 2022/10/07 6:15 p.m.•12 views

Unrestricted file upload

Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution...

5.8CVSS7AI score0.01468EPSS

Exploits2References1Affected Software1

Positive Technologies•added 2022/10/07 12:0 a.m.•4 views

PT-2022-26247 · Unknown · Backdrop Cms

Name of the Vulnerable Software and Affected Versions: Backdrop CMS version 1.22.0 Description: The issue allows attackers to achieve Remote Code Execution via themes due to an Unrestricted File Upload vulnerability. Note that there is a dispute from third parties, arguing that advanced permissio...

7.2CVSS7.6AI score0.01468EPSS

Exploits2References6

CVE•added 2022/10/07 12:0 a.m.•95 views

CVE-2022-42092

Backdrop CMS 1.22.0 is affected by an Unrestricted File Upload vulnerability via the themes component that can lead to Remote Code Execution. The issue is documented across multiple sources as susceptible to exploitation, with third-party notes arguing that advanced permissions may be required. A...

7.2CVSS7.1AI score0.01468EPSS

Exploits2References1Affected Software1

CNNVD•added 2022/10/07 12:0 a.m.•3 views

Backdrop CMS 代码问题漏洞

Backdrop CMS is an open source content management system CMS. A code issue vulnerability exists in Backdrop CMS version 1.22.0, which stems from themes having an unrestricted file upload vulnerability that can be exploited by an attacker to remotely execute code...

7.2CVSS7.2AI score0.01468EPSS

Exploits2References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by