CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

5.4CVSS5.5AI score0.00104EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:50 a.m.•3 views

CVE-2018-14582

index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account...

8.8CVSS6.9AI score0.00168EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 6:59 a.m.•5 views

CVE-2018-19560

BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate to modify a user account...

9.3CVSS6.9AI score0.0015EPSS

Exploits1References1

CNVD•added 2023/07/10 12:0 a.m.•12 views

BageCMS Cross-Site Scripting Vulnerability

BageCMS is a cross-platform content management system CMS based on PHP and MySQL by the BageCMS team in China. A cross-site scripting vulnerability exists in BageCMS v3.1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the custom settings module, and can ...

5.4CVSS6.4AI score0.00104EPSS

Exploits1References1

ATTACKERKB•added 2023/07/06 3:15 p.m.•1 views

CVE-2023-37122

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

5.4CVSS6.2AI score0.00104EPSS

Exploits1References2

NVD•added 2023/07/06 3:15 p.m.•8 views

CVE-2023-37122

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

5.4CVSS5.3AI score0.00104EPSS

Exploits1References1

OSV•added 2023/07/06 3:15 p.m.•1 views

CVE-2023-37122

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

5.4CVSS5.9AI score

Exploits0References1

Prion•added 2023/07/06 3:15 p.m.•8 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

4.9CVSS5.2AI score0.00104EPSS

Exploits1References1Affected Software1

CVE•added 2023/07/06 12:0 a.m.•119 views

CVE-2023-37122

CVE-2023-37122 describes a stored XSS in Bagecms v3.1.0, exploitable via the Custom Settings module. The root cause cited across sources is inadequate input filtering/escaping in that module, allowing arbitrary web script or HTML execution. Public references consistently name BageCMS 3.1.0 and no...

5.4CVSS5.2AI score0.00104EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/07/06 12:0 a.m.•2 views

Bagecms 跨站脚本漏洞

5.4CVSS6.2AI score0.00104EPSS

Exploits1References2

Vulnrichment•added 2023/07/06 12:0 a.m.•14 views

CVE-2023-37122

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

5.7AI score0.00104EPSS

Exploits1References1

Cvelist•added 2023/07/06 12:0 a.m.•16 views

CVE-2023-37122

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

5.4AI score0.00104EPSS

Exploits1References1

Positive Technologies•added 2023/07/06 12:0 a.m.•2 views

PT-2023-25789 · Bagecms · Bagecms

Name of the Vulnerable Software and Affected Versions: Bagecms version 3.1.0 Description: A stored cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module. This enables attackers to potentially...

5.4CVSS5.6AI score0.00104EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by