Lucene search
K

316 matches found

Cvelist
Cvelist
added 2025/09/19 12:0 a.m.10 views

CVE-2025-55910

CMSEasy v7.7.8.0 and before is vulnerable to Arbitrary file deletion in databaseadmin.php...

0.00207EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/09/19 12:0 a.m.6 views

CVE-2025-55910

CMSEasy v7.7.8.0 and before is vulnerable to Arbitrary file deletion in databaseadmin.php...

6.6AI score0.00207EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:21 a.m.11 views

CVE-2024-31551

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request...

7.5CVSS7AI score0.00687EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:19 a.m.9 views

CVE-2024-32236

An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component...

3.5CVSS6.5AI score0.00411EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:16 a.m.6 views

CVE-2024-32162

CMSeasy 7.7.7.9 is vulnerable to Arbitrary file deletion...

4.3CVSS6.9AI score0.00397EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:49 a.m.7 views

CVE-2024-34314

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the filegetcontents function in the fetchaction method of /admin/templateadmin.php. This vulnerability allows attackers to read arbitrary files...

7.5CVSS5.1AI score0.00446EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:45 a.m.3 views

CVE-2024-25828

cmseasy V7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/templateadmin.php...

4.9CVSS7.1AI score0.00614EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:38 a.m.8 views

CVE-2024-32163

CMSeasy 7.7.7.9 is vulnerable to code execution...

6.4CVSS7.1AI score0.00322EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.8 views

CVE-2024-34315

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the filegetcontents function in the fckeditaction method of /admin/templateadmin.php. This vulnerability allows attackers to read arbitrary files...

7.5CVSS7.4AI score0.0067EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:25 a.m.16 views

CVE-2024-0523

A vulnerability was found in CmsEasy up to 7.7.7. It has been declared as critical. Affected by this vulnerability is the function getslidechildaction in the library lib/admin/languageadmin.php. The manipulation of the argument sid leads to sql injection. The attack can be launched remotely. The...

9.8CVSS9.7AI score0.00709EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:22 a.m.10 views

CVE-2023-34880

cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the addaction method at lib/admin/languageadmin.php. This vulnerability allows attackers to execute arbitrary code and perform a local file inclusion...

9.8CVSS8.1AI score0.01072EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:27 p.m.6 views

CVE-2020-18406

An issue was discovered in cmseasy v7.0.0 that allows user credentials to be sent in clear text due to no encryption of form data...

7.5CVSS6.8AI score0.00365EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 1:2 p.m.5 views

CVE-2018-11679

An issue was discovered in CmsEasy 6.120180508. There is a CSRF vulnerability that can add an article via /index.php?case=table=add=archivedir=admin...

8.8CVSS7AI score0.00538EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:1 a.m.6 views

CVE-2019-8432

In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter...

6.1CVSS5.9AI score0.00752EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:50 a.m.11 views

CVE-2019-8434

In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter...

6.1CVSS5.9AI score0.00752EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:2 a.m.10 views

CVE-2018-11680

An issue was discovered in CmsEasy 6.120180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is refreshed at a rapid rate...

6.5CVSS7.1AI score0.00416EPSS
Exploits0References1
NVD
NVD
added 2025/02/16 9:15 a.m.56 views

CVE-2025-1336

A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimgaction in the library lib/admin/imageadmin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely. The explo...

8.1CVSS0.00951EPSS
Exploits1References4
OSV
OSV
added 2025/02/16 9:15 a.m.6 views

CVE-2025-1336

A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimgaction in the library lib/admin/imageadmin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely. The explo...

8.1CVSS4.8AI score0.00951EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/02/16 9:0 a.m.13 views

CVE-2025-1336 CmsEasy image_admin.php deleteimg_action path traversal

A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimgaction in the library lib/admin/imageadmin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely. The explo...

5.3CVSS7AI score0.00951EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/02/16 9:0 a.m.49 views

CVE-2025-1336 CmsEasy image_admin.php deleteimg_action path traversal

A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimgaction in the library lib/admin/imageadmin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely. The explo...

5.3CVSS0.00951EPSS
Exploits1References4
Rows per page
Query Builder