CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier ...

8CVSS6.8AI score0.00245EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:36 p.m.•6 views

CVE-2020-36609

A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiat...

5.4CVSS6.2AI score0.00293EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:35 p.m.•5 views

CVE-2020-36763

Cross Site Scripting XSS vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post...

5.4CVSS6.3AI score0.00058EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:19 p.m.•4 views

CVE-2020-21862

Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del...

8.1CVSS7AI score0.00179EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:19 p.m.•5 views

CVE-2020-21861

File upload vulnerability in DuxCMS 2.1 allows attackers to execute arbitrary php code via duxcms/AdminUpload/upload...

8.8CVSS7.8AI score0.00103EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:19 p.m.•4 views

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

6.5CVSS7.2AI score0.00061EPSS

Exploits1

CNNVD•added 2024/06/18 12:0 a.m.•2 views

DuxCMS SQL Injection Vulnerability

DuxCMS is an open source content management system. A SQL injection vulnerability exists in DuxCMS version v3.1.3, which originates from the keyword parameter in /article/Content/index?classid contains a SQL injection vulnerability...

6CVSS8AI score0.02692EPSS

Exploits1References3

OSV•added 2023/07/31 4:15 p.m.•1 views

CVE-2020-36763

Cross Site Scripting XSS vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post...

5.4CVSS6AI score0.00058EPSS

Exploits1References1

Prion•added 2023/07/31 4:15 p.m.•12 views

Cross site scripting

Cross Site Scripting XSS vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post...

4.9CVSS5.5AI score0.00058EPSS

Exploits1References1Affected Software1

NVD•added 2023/07/31 2:15 p.m.•6 views

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

6.5CVSS6.6AI score0.00061EPSS

Exploits1References1

OSV•added 2023/07/31 2:15 p.m.•1 views

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

6.5CVSS5.8AI score0.00061EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by