CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

RedhatCVE•added 2025/12/27 12:5 a.m.•4 views

CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

6.5CVSS6.9AI score0.00022EPSS

Exploits2References1

OSV•added 2025/12/26 6:30 p.m.•2 views

GHSA-G5P6-3J82-XFM4 Croogo CMS has a path traversal vulnerability

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

7.5CVSS6.8AI score0.00022EPSS

Exploits2References3

EUVD•added 2025/12/26 6:30 p.m.•2 views

EUVD-2024-55362

Croogo CMS has a path traversal vulnerability...

7.5CVSS6.4AI score0.00022EPSS

Exploits2References3

NVD•added 2025/12/26 5:15 p.m.•2 views

CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

6.5CVSS0.00022EPSS

Exploits2References2

CVE•added 2025/12/26 12:0 a.m.•6 views

CVE-2024-42718

CVE-2024-42718 affects Croogo CMS 4.0.7 and is a path-traversal vulnerability that allows remote attackers to read arbitrary files via a crafted value in the edit-file parameter. The issue is documented across multiple feeds (Red Hat, CIRCL, OSV, NVD, etc.) with the same description. The CVE entr...

6.5CVSS6.5AI score0.00022EPSS

Exploits2References2Affected Software1

Cvelist•added 2025/12/26 12:0 a.m.•15 views

CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

0.00022EPSS

Exploits2References2

Vulnrichment•added 2025/12/26 12:0 a.m.•1 views

CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

6.5AI score0.00022EPSS

Exploits2References2

CNVD•added 2018/02/26 12:0 a.m.•2 views

Croogo Cross-Site Scripting Vulnerability

Croogo is a content management system CMS based on the CakePHP framework development . The system provides content type can be customized for Blog, Node, Page, content editing using WYSIWYG editor and other features. A cross-site scripting vulnerability exists in Page name in Croogo version...

5.4CVSS6.3AI score0.0032EPSS

Exploits1References1

CNVD•added 2015/01/13 12:0 a.m.•1 views

Croogo CMS Cross-Site Scripting Vulnerability

Croogo CMS is a content management system. Croogo CMS suffers from a cross-site scripting vulnerability that can be exploited by remote attackers to construct malicious URIs and trick users into parsing them, which can be used to obtain sensitive cookies, hijack sessions, or perform malicious...

6.3AI score

Exploits0References1

Exploit DB•added 2014/10/14 12:0 a.m.•53 views

Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities

------------------------ XSS 1 -------- POST parameters: - dataContacttitle ------------------------ input type="hidden" name="dataTokenkey" value="2627e9e204ad6b878db...

7AI score

Exploits0

exploitpack•added 2012/04/29 12:0 a.m.•13 views

Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities

Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/53287/info Croogo CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and scrip...

0.5AI score

Exploits0

Exploit DB•added 2012/04/29 12:0 a.m.•20 views

Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/53287/info Croogo CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser,...

7.4AI score

Exploits0

Packet Storm•added 2012/04/29 12:0 a.m.•40 views

Croogo CMS 1.3.4 Cross Site Scripting

Title: ====== Croogo v1.3.4 CMS - Multiple Web Vulnerabilities Date: ===== 2012-04-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=533 VL-ID: ===== 533 Introduction: ============= A CakePHP powered Content Management System. Croogo is a free and open source content...

Exploits0

Vulnerability Lab•added 2012/04/28 12:0 a.m.•22 views

Croogo v1.3.4 CMS - Multiple Web Vulnerabilities

Document Title: =============== Croogo v1.3.4 CMS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=533 Release Date: ============= 2012-04-28 Vulnerability Laboratory ID VL-ID: ==================================== 533 Produc...

0.5AI score

Exploits0

Vulnerability Lab•added 2012/04/28 12:0 a.m.•31 views

Croogo v1.3.4 CMS - Multiple Web Vulnerabilities

7.1AI score

Exploits0

securityvulns•added 2010/03/11 12:0 a.m.•207 views

Croogo CMS 1.2 Cross Site Scripting Vulnerabilities

Croogo CMS 1.2 Cross Site Scripting Vulnerabilities ========================================== Vulnerable Software: 1.2 and prior Release Date: 2010-03-06 Last Update: 2010-02-01 Critical: Low Impact: Session hijack Denial of service Code execution Solution Status: Webvuln has informed and...

7AI score

Exploits0

0day.today•added 2010/03/09 12:0 a.m.•24 views

Croogo CMS versions 1.2 Cross Site Scripting Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ Croogo CMS versions 1.2 Cross Site Scripting Vulnerabilities ============================================================ Vulnerable Software: 1.2 and prior Release Date:...

7.1AI score

Exploits0

Packet Storm•added 2010/03/08 12:0 a.m.•23 views

Croogo CMS 1.2 Cross Site Scripting

0.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by