Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-24204

Malware in sbrugna...

5.4CVSS5.6AI score0.00482EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:19 p.m.6 views

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

6.5CVSS7.2AI score0.00337EPSS
Exploits1
Prion
Prion
added 2023/07/31 4:15 p.m.16 views

Cross site scripting

Cross Site Scripting XSS vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post...

4.9CVSS5.5AI score0.00482EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/07/31 2:15 p.m.23 views

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

4.3CVSS6.6AI score0.00337EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/07/31 12:0 a.m.48 views

CVE-2020-36763

CVE-2020-36763 involves a Cross-Site Scripting (XSS) flaw in DuxCMS 2.1. The issue allows remote attackers to execute arbitrary scripts by manipulating the content , time , and copyfrom parameters when adding or editing a post. Root cause: insufficient input validation/escaping in these fields. I...

5.4CVSS5.4AI score0.00482EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/07/31 12:0 a.m.5 views

DuxCMS 跨站请求伪造漏洞

DuxCMS is an open source content management system. A cross-site request forgery vulnerability exists in DuxCMS version 2.1, which originates from admin.php that allows remote attackers to modify application data via article/admin/content/add...

6.5CVSS6.4AI score0.00337EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/07/31 12:0 a.m.18 views

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

6.6AI score0.00337EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/31 12:0 a.m.14 views

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

7.2AI score0.00337EPSS
Exploits1References1
CVE
CVE
added 2023/07/31 12:0 a.m.55 views

CVE-2020-21881

DuxCMS 2.1 contains a Cross Site Request Forgery (CSRF) vulnerability in admin.php (endpoint article/admin/content/add) that allows remote attackers to modify application data. The issue is documented across multiple sources (e.g., CVE-2020-21881) with remediation guidance suggesting CSRF token v...

6.5CVSS6.6AI score0.00337EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/07/06 2:15 p.m.4 views

CVE-2020-21862

Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del...

8.1CVSS5.9AI score0.00798EPSS
Exploits1References1
NVD
NVD
added 2023/07/06 2:15 p.m.13 views

CVE-2020-21862

Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del...

8.1CVSS8.1AI score0.00798EPSS
Exploits1References1
NVD
NVD
added 2023/07/06 2:15 p.m.13 views

CVE-2020-21861

File upload vulnerability in DuxCMS 2.1 allows attackers to execute arbitrary php code via duxcms/AdminUpload/upload...

8.8CVSS9AI score0.00589EPSS
Exploits1References1
Prion
Prion
added 2023/07/06 2:15 p.m.15 views

Directory traversal

Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del...

5.5CVSS8AI score0.00798EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/07/06 2:15 p.m.15 views

Unrestricted file upload

File upload vulnerability in DuxCMS 2.1 allows attackers to execute arbitrary php code via duxcms/AdminUpload/upload...

6.5CVSS8.9AI score0.00589EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/07/06 12:0 a.m.19 views

CVE-2020-21861

File upload vulnerability in DuxCMS 2.1 allows attackers to execute arbitrary php code via duxcms/AdminUpload/upload...

9AI score0.00589EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 12:0 a.m.10 views

CVE-2020-21861

File upload vulnerability in DuxCMS 2.1 allows attackers to execute arbitrary php code via duxcms/AdminUpload/upload...

7.8AI score0.00589EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.5 views

PT-2023-11605 · Duxcms · Duxcms

Name of the Vulnerable Software and Affected Versions: DuxCMS version 2.1 Description: A directory traversal issue allows attackers to delete arbitrary files via the /admin/AdminBackup/del API endpoint. This enables attackers to potentially disrupt system functionality or destroy sensitive data...

8.1CVSS8AI score0.00798EPSS
Exploits1References3
CVE
CVE
added 2023/07/06 12:0 a.m.30 views

CVE-2020-21862

CVE-2020-21862 is a directory traversal vulnerability in DuxCMS 2.1 that allows an attacker to delete arbitrary files via the /admin/AdminBackup/del endpoint. The issue is rooted in a traversal flaw in the AdminBackup API, enabling unauthorized file deletion and potential data loss. Public detail...

8.1CVSS8AI score0.00798EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/07/06 12:0 a.m.32 views

CVE-2020-21861

CVE-2020-21861 concerns DuxCMS 2.1 with a file upload vulnerability in duxcms/AdminUpload/upload that allows attackers to execute arbitrary PHP code. The affected software is DuxCMS 2.1; the vulnerable trigger is the AdminUpload/upload endpoint, enabling arbitrary code execution with high impact ...

8.8CVSS8.9AI score0.00589EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/07/06 12:0 a.m.16 views

CVE-2020-21862

Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del...

8.1AI score0.00798EPSS
Exploits1References1
Rows per page
Query Builder