102 matches found

Github Security Blog
added 2022/04/06 12:1 a.m. | 28 views

Cross site scripting in valine

valine is a fast, simple & powerful comment system. Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment. A fix was released in version 1.4.15...

CVSS 5.4 | AI score 5.2 | EPSS 0.00191
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2020/12/23 7:15 p.m. | 1 view

CVE-2020-35598

ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advancedcomponentsystem/index.php?ACSpath=..%2f URI. NOTE: this might be the same as CVE-2009-4623...

CVSS 7.5 | AI score 7.1
Exploits: 0 | References: 1

NVD
added 2020/12/23 7:15 p.m. | 11 views

CVE-2020-35598

ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advancedcomponentsystem/index.php?ACSpath=..%2f URI. NOTE: this might be the same as CVE-2009-4623...

CVSS 7.5 | AI score 7.5 | EPSS 0.79379
Exploits: 2 | References: 1

Prion
added 2020/12/23 7:15 p.m. | 16 views

Directory traversal

ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advancedcomponentsystem/index.php?ACSpath=..%2f URI. NOTE: this might be the same as CVE-2009-4623...

CVSS 5 | AI score 7.5 | EPSS 0.79379
Exploits: 3 | References: 1 | Affected Software: 1

Cvelist
added 2020/12/23 6:52 p.m. | 17 views

CVE-2020-35598

ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advancedcomponentsystem/index.php?ACSpath=..%2f URI. NOTE: this might be the same as CVE-2009-4623...

AI score 7.5 | EPSS 0.79379
Exploits: 2 | References: 1

CVE
added 2020/12/23 6:52 p.m. | 107 views

CVE-2020-35598

ACS Advanced Comment System 1.0 is affected by Local File Inclusion/Directory Traversal via advanced_component_system/index.php?ACS_path=..%2f. The Nuclei template and Exploit-DB entry confirm path traversal can lead to viewing sensitive files (e.g., /etc/passwd) and indicate potential remote cod...

CVSS 7.5 | AI score 7.4 | EPSS 0.79379
Exploits: 2 | References: 1 | Affected Software: 1

CNNVD
added 2020/12/23 12:0 a.m. | 7 views

Advanced Comment System Path Traversal Vulnerability

Advanced Comment System is an advanced comment system. ACS Advanced Comment System 1.0 suffers from a path traversal vulnerability that originates in index.php, an advanced component system...

CVSS 7.5 | AI score 7.1 | EPSS 0.79379
Exploits: 2 | References: 3

OSV
added 2019/03/21 4:0 p.m. | 1 view

CVE-2018-18845

internal/advancedcommentsystem/index.php and internal/advancedcommentsystem/admin.php in Advanced Comment System, version 1.0, contain a reflected cross-site scripting vulnerability via ACSpath. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTM...

CVSS 6.1 | AI score 5.8 | EPSS 0.00641
Exploits: 3 | References: 2

NVD
added 2019/03/21 4:0 p.m. | 14 views

CVE-2018-18845

internal/advancedcommentsystem/index.php and internal/advancedcommentsystem/admin.php in Advanced Comment System, version 1.0, contain a reflected cross-site scripting vulnerability via ACSpath. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTM...

CVSS 6.1 | AI score 6.1 | EPSS 0.00641
Exploits: 3 | References: 2

Prion
added 2019/03/21 4:0 p.m. | 11 views

Cross site scripting

internal/advancedcommentsystem/index.php and internal/advancedcommentsystem/admin.php in Advanced Comment System, version 1.0, contain a reflected cross-site scripting vulnerability via ACSpath. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTM...

CVSS 4.3 | AI score 6 | EPSS 0.00641
Exploits: 3 | References: 2 | Affected Software: 1

CVE
added 2019/03/17 7:44 p.m. | 51 views

CVE-2018-18845

Summary of CVE-2018-18845 (Advanced Comment System): The affected product is Advanced Comment System, version 1.0. The vulnerability is a reflected cross-site scripting (XSS) flaw in internal/advanced_comment_system/index.php and internal/advanced_comment_system/admin.php via ACS_path. A remote, ...

CVSS 6.1 | AI score 6 | EPSS 0.00641
Exploits: 3 | References: 2 | Affected Software: 1

0day.today
added 2019/02/21 12:0 a.m. | 33 views

Advanced Comment System 1.0 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications 0day.today 2019-03-09...

AI score 0.1 | EPSS 0.00641
Exploits: 3

Prion
added 2018/11/29 10:29 p.m. | 17 views

Sql injection

internal/advancedcommentsystem/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter...

CVSS 7.5 | AI score 9.6 | EPSS 0.03304
Exploits: 5 | References: 3 | Affected Software: 1

OSV
added 2018/11/29 10:29 p.m. | 2 views

CVE-2018-18619

internal/advancedcommentsystem/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter...

CVSS 9.8 | AI score 6 | EPSS 0.03304
Exploits: 5 | References: 3

Cvelist
added 2018/11/29 10:0 p.m. | 25 views

CVE-2018-18619

internal/advancedcommentsystem/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter...

AI score 9.8 | EPSS 0.03304
Exploits: 5 | References: 3

CVE
added 2018/11/29 10:0 p.m. | 106 views

CVE-2018-18619

CVE-2018-18619: The vulnerability affects the web app Advanced Comment System 1.0, in the file internal/advanced_comment_system/admin.php. It is prone to an SQL injection because user-supplied data is not sufficiently sanitized before use in an SQL query, enabling remote attackers to trigger t...

CVSS 9.8 | AI score 9.7 | EPSS 0.03304
Exploits: 5 | References: 3 | Affected Software: 1

0day.today
added 2018/11/12 12:0 a.m. | 297 views

Advanced Comment System 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications 0day.today 2018-11-12...

AI score 0.2 | EPSS 0.03304
Exploits: 5

Packet Storm
added 2018/11/12 12:0 a.m. | 1077 views

Advanced Comment System 1.0 SQL Injection

...

AI score 0.1 | EPSS 0.03304
Exploits: 5

exploitpack
added 2018/01/12 12:0 a.m. | 21 views

Xnami 1.0 - Cross-Site Scripting

Xnami 1.0 - Cross-Site Scripting Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Date: 11-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID:...

CVSS 4.3 | EPSS 0.00296
Exploits: 5

Packet Storm
added 2016/11/10 12:0 a.m. | 39 views

4images 1.7.13 SQL Injection

vulnerable app : 4images query$sql; Input parameter orderby is not sanitized before being passed to the sql query which lead to sql injection flaw POC GET /lab/4images1.7.13/4images/admin/validateimages.php?action=validateimages&orderby=extractvalue1,concat0x7e,version&direction=ASC&limitnumber=1...

AI score 0.3
Exploits: 0