9 matches found

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-38920

Malicious code in bioql PyPI...

9.8 CVSS · 9.2 AI score · 0.00192 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 2:22 a.m. · 4 views

CVE-2023-34880

cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the addaction method at lib/admin/languageadmin.php. This vulnerability allows attackers to execute arbitrary code and perform a local file inclusion...

9.8 CVSS · 8.1 AI score · 0.00192 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 1:2 p.m. · 3 views

CVE-2018-11679

An issue was discovered in CmsEasy 6.120180508. There is a CSRF vulnerability that can add an article via /index.php?case=table=add=archivedir=admin...

8.8 CVSS · 7 AI score · 0.00138 EPSS
Exploits: 1 · References: 1

Positive Technologies
added 2025/02/16 12:0 a.m. · 2 views

PT-2025-6878 · Cmseasy · Cmseasy

Name of the Vulnerable Software and Affected Versions: CmsEasy version 7.7.7.9 Description: A vulnerability was found in the function deleteimg action in the library lib/admin/file admin.php. The manipulation of the argument imgname leads to path traversal. It is possible to launch the attack...

8.1 CVSS · 4.9 AI score · 0.0015 EPSS
Exploits: 1 · References: 11

Positive Technologies
added 2025/02/16 12:0 a.m. · 3 views

PT-2025-6879 · Cmseasy · Cmseasy

Name of the Vulnerable Software and Affected Versions: CmsEasy version 7.7.7.9 Description: A vulnerability has been found in the function deleteimg action in the library lib/admin/image admin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched...

8.1 CVSS · 4.9 AI score · 0.00167 EPSS
Exploits: 1 · References: 10

NVD
added 2024/04/17 7:15 p.m. · 11 views

CVE-2024-32162

CMSeasy 7.7.7.9 is vulnerable to Arbitrary file deletion...

4.3 CVSS · 6.5 AI score · 0.001 EPSS
Exploits: 1 · References: 2

Vulnrichment
added 2023/06/15 12:0 a.m. · 8 views

CVE-2023-34880

cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the addaction method at lib/admin/languageadmin.php. This vulnerability allows attackers to execute arbitrary code and perform a local file inclusion...

7.8 AI score · 0.00192 EPSS
Exploits: 1 · References: 1

seebug.org
added 2014/12/11 12:0 a.m. · 34 views

CmsEasy latest version 5.5: stored XSS leading to GetShell

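Brief description: XSS in n places; I refuse to believe that after injecting into all of them I can't grab a cookie or get a shell -.- Details: The first place (only the first one is code-audited; the later ones are similar. None of them are filtered): function loginfalse cookie::set'loginfalse',int cookie::get'loginfalse'+1,time+3600; event::log'loginfalse','失败 user='.front::post'username'; front::flashlang'登陆失败!'."".lang'backuppage'."";...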

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/04 12:0 a.m. · 38 views

cmseasy latest version: getshell at any privilege level

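Brief description: This is a long story, so please take your time reading it. (Seeing as I'm still up this late hunting bugs and writing this up, please give it a lightning rating!) Version: 2014-06-05 Details: 0x01 First, let's start with an unauthorized access to the admin backend. Look at the file /lib/admin/admin.php if !defined'ROOT' exit'Can't Access !'; abstract class admin extends act function construct if ADMINDIR!=config::get'admindir' config::modifyarray'admindir'=ADMINDIR;...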

7 AI score
Exploits: 0