Lucene search
K

27 matches found

CNNVD
CNNVD
added 2021/08/16 12:0 a.m.6 views

Crocoblock JetEngine 跨站脚本漏洞

Crocoblock JetEngine is a dynamic content plugin that allows you to build complex websites quickly and cost-effectively.A cross-site scripting vulnerability exists in Crocoblock JetEngine that can be exploited by attackers to perform XSS via custom form input...

5.4CVSS5.1AI score0.00605EPSS
Exploits0References2
Prion
Prion
added 2019/12/11 8:15 p.m.16 views

Information disclosure

An issue was discovered in core/assets/form/formquestiontypes/formquestiontypefileupload/formquestiontypefileupload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server...

7.5CVSS8.6AI score0.0344EPSS
Exploits3References4Affected Software1
Cvelist
Cvelist
added 2019/12/11 7:10 p.m.35 views

CVE-2019-19374

An issue was discovered in core/assets/form/formquestiontypes/formquestiontypefileupload/formquestiontypefileupload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server...

8.8AI score0.0344EPSS
Exploits3References4
Microsoft KB
Microsoft KB
added 2019/01/08 8:0 a.m.62 views

Description of the security update for Outlook 2016: January 8, 2019

None None...

6.5CVSS6.6AI score0.06783EPSS
Exploits0
Prion
Prion
added 2008/11/10 3:23 p.m.29 views

Authorization

The Nagios process in 1 Nagios before 3.0.5 and 2 op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an a custom form or a b browser addon...

6.5CVSS6.4AI score0.06738EPSS
Exploits0References15Affected Software2
Cvelist
Cvelist
added 2008/11/10 3:0 p.m.39 views

CVE-2008-5027

The Nagios process in 1 Nagios before 3.0.5 and 2 op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an a custom form or a b browser addon...

7.2AI score0.06738EPSS
Exploits0References15
NVD
NVD
added 2005/05/02 4:0 a.m.15 views

CVE-2005-0820

Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows attackers to obtain printer and network information, obtain the database name, username, and password, or obtain the internal web server name...

5CVSS6AI score0.01189EPSS
Exploits0References4
Rows per page
Query Builder