CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/02/11 8:37 p.m.•2 views

CVE-2020-37186

Exploits0References4Affected Software1

CVE•added 2026/02/11 8:37 p.m.•5 views

CVE-2020-37186

CVE-2020-37186 affects Chevereto 3.13.4 Core. The vulnerability arises in the database configuration installation where the database table prefix parameter can be manipulated to write a PHP shell file and execute arbitrary system commands via a crafted POST request. Impact is high: remote code ex...

Vulnrichment•added 2026/02/11 8:37 p.m.•3 views

CVE-2020-37186 Chevereto 3.13.4 Core - Remote Code Execution

Cvelist•added 2026/02/11 8:37 p.m.•20 views

CVE-2020-37186 Chevereto 3.13.4 Core - Remote Code Execution

9.8CVSS0.00137EPSS

CNNVD•added 2026/02/11 12:0 a.m.•2 views

Chevereto 代码注入漏洞

Chevereto is a graph-based program. The Chevereto 3.13.4 Core version has a code injection vulnerability, which stems from improper handling of database table prefix parameters. This vulnerability may lead to remote code execution...

9.8CVSS6.1AI score0.00137EPSS

Positive Technologies•added 2026/02/11 12:0 a.m.•2 views

PT-2026-7684

RedhatCVE•added 2026/01/09 11:24 a.m.•5 views

Exploits0References5

CVE-2021-31721

Chevereto before 3.17.1 allows Cross Site Scripting XSS via an image title at the image upload stage...

6.1CVSS6.2AI score0.00405EPSS

Exploits3References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-2899

Malware in sbrugna...

5CVSS6.4AI score0.04596EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-1378

Malware in sbrugna...

6.1CVSS6.3AI score0.00265EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2012-2898

Malware in sbrugna...

4.3CVSS6.4AI score0.03359EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-18605

Malware in sbrugna...

6.1CVSS6.3AI score0.00405EPSS

Exploits3References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-4014

Malware in sbrugna...

5.4CVSS5.5AI score0.00191EPSS

Exploits1References3

Packet Storm•added 2023/08/09 12:0 a.m.•309 views

Chevereto CMS 3.7.0 SQL Injection

==================================================================================================================================== | Title : Chevereto CMS V3.7.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit...

7.1AI score

Packet Storm•added 2023/07/19 12:0 a.m.•248 views

Chevereto CMS 3.7.0 HTTP Parameter Pollution

==================================================================================================================================== | Title : Chevereto CMS V3.7.0 HPP Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendo...

7.1AI score

Huntr•added 2021/10/02 8:23 a.m.•14 views

Server-Side Request Forgery (SSRF) in chevereto/chevereto-free

Description Attackers can make the server perform arbitrary requests to internal IPs as well as use the file:/// protocol to disclose internal image data. Proof of Concept 1: Create a valid image file on the server /path/to/index.png 2: Choose add Image URLs and use a valid URL and click OK. Then...

0.3AI score

Huntr•added 2021/07/17 3:59 a.m.•10 views

Cross-site Scripting (XSS) - Stored in chevereto/chevereto-free

✍️ Description Stored xss via image upload TESTED VESRION latest github code as of 16/7/21 🕵️‍♂️ Proof of Concept 1. First download https://github.com/ranjit-git/poc/blob/master/xss%22'%3E%3Cimg%20src%3Dx%20onerror%3Dalert123%3E.jpeg image file in linux . Dont change the file name . This type file...

7.2AI score