Lucene search
K

683 matches found

CNNVD
CNNVD
added 2021/09/15 12:0 a.m.4 views

FeehiCMS 代码问题漏洞

FeehiCMS is a Php-based CMS builder. feehiCMS v2.0.8 and previous versions have a security vulnerability that can be exploited by attackers to execute arbitrary code via a crafted PHP file...

9.8CVSS6.2AI score0.01724EPSS
Exploits1References2
NVD
NVD
added 2021/09/07 10:15 p.m.9 views

CVE-2020-19767

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS0.01135EPSS
Exploits1References1
NVD
NVD
added 2021/09/07 10:15 p.m.10 views

CVE-2020-19769

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS0.00524EPSS
Exploits1References1
OSV
OSV
added 2021/09/07 10:15 p.m.3 views

CVE-2020-19768

A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS7.1AI score0.00524EPSS
Exploits1References1
NVD
NVD
added 2021/09/07 10:15 p.m.12 views

CVE-2020-19768

A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS0.00524EPSS
Exploits1References1
OSV
OSV
added 2021/09/07 10:15 p.m.5 views

CVE-2020-19767

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS7.1AI score0.01135EPSS
Exploits1References1
OSV
OSV
added 2021/09/07 10:15 p.m.2 views

CVE-2020-19769

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS5.8AI score0.00524EPSS
Exploits1References1
Prion
Prion
added 2021/09/07 10:15 p.m.15 views

Design/Logic Flaw

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

5CVSS7.3AI score0.00524EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/09/07 10:15 p.m.12 views

Code injection

A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...

5CVSS7.3AI score0.00524EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/09/07 9:59 p.m.14 views

CVE-2020-19767

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.4AI score0.01135EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/09/07 9:59 p.m.25 views

CVE-2020-19769

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.4AI score0.00524EPSS
Exploits1References1
CVE
CVE
added 2021/09/07 9:59 p.m.37 views

CVE-2020-19769

CVE-2020-19769 : A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script. Affected software: Rob The Bank 1.0 (BurnMe() function). Root cause: missing target address verification. Impact: token thef...

7.5CVSS7.3AI score0.00524EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/09/07 12:0 a.m.5 views

ICOVO 数据伪造问题漏洞

ICOVO is a cross-platform solution that allows the use of tokens such as NFT on the OVO chain on Ether.ICOVO suffers from an input validation error vulnerability that stems from a lack of target address validation in the selfdestructs function, which can be exploited by attackers to steal tokens...

7.5CVSS5.6AI score0.00524EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/09/07 12:0 a.m.3 views

0xRACER 输入验证错误漏洞

0xRACER is a new team-based pool lottery game. 0xRACER is vulnerable to an input validation error stemming from a lack of target address validation in the destroycontract function of 0xRACER version 1.0, which could be exploited by an attacker to steal a token from a victim user via a carefully...

7.5CVSS5.6AI score0.01135EPSS
Exploits1References2
OSV
OSV
added 2021/05/17 10:15 p.m.10 views

CVE-2020-18194

Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...

6.1CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2021/05/17 10:15 p.m.13 views

Cross site scripting

Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...

4.3CVSS6.2AI score0.01524EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/05/17 9:1 p.m.14 views

CVE-2020-18194

Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...

6.2AI score0.01524EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/05/17 12:0 a.m.2 views

Emlog 跨站脚本漏洞

emlog is a PHP and MySQL based blog and CMS builder. A cross-site scripting vulnerability exists in emlog version 6.0.0. The vulnerability can be exploited to execute arbitrary code by adding a specially crafted script as a link to a new blog post...

6.1CVSS5.7AI score0.01524EPSS
Exploits1References2
NVD
NVD
added 2021/05/10 10:15 a.m.15 views

CVE-2021-20717

Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...

6.1CVSS0.02308EPSS
Exploits0References3
Prion
Prion
added 2021/05/10 10:15 a.m.21 views

Cross site scripting

Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...

4.3CVSS6.2AI score0.02308EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder