Lucene search
K

109 matches found

RedhatCVE
RedhatCVE
added 2026/01/19 12:22 a.m.8 views

CVE-2026-1105

A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...

9.8CVSS7.2AI score0.0044EPSS
Exploits1References1
OSV
OSV
added 2026/01/18 12:15 a.m.3 views

CVE-2026-1105

A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...

9.8CVSS5.7AI score0.0044EPSS
Exploits1References4
NVD
NVD
added 2026/01/18 12:15 a.m.8 views

CVE-2026-1105

A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...

9.8CVSS0.0044EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/18 12:0 a.m.6 views

EasyCMS SQL Injection Vulnerability

EasyCMS is a PHP-based website building system from the EasyCMS community. Versions of EasyCMS 1.6 and earlier have a SQL injection vulnerability. This vulnerability stems from incorrect handling of the order parameter in the File/UserAction.class.php file, which may lead to SQL injection attacks...

9.8CVSS7.2AI score0.0044EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/17 11:32 p.m.31 views

CVE-2026-1105 EasyCMS UserAction.class.php sql injection

A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...

7.5CVSS0.0044EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/17 11:32 p.m.3 views

CVE-2026-1105 EasyCMS UserAction.class.php sql injection

A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...

7.5CVSS5.5AI score0.0044EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/01/17 11:32 p.m.4 views

CVE-2026-1105

A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...

9.8CVSS5.3AI score0.0044EPSS
Exploits1References4
CVE
CVE
added 2026/01/17 11:32 p.m.16 views

CVE-2026-1105

CVE-2026-1105 affects EasyCMS up to 1.6, with a flaw in the /UserAction.class.php file that allows manipulation of the _order argument, resulting in SQL injection. Documents from NVD/Red Hat indicate remote, publicly exploitable behavior and claim high impact (possible data disclosure/integrity/a...

9.8CVSS6.8AI score0.0044EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/17 12:0 a.m.10 views

PT-2026-3373

Name of the Vulnerable Software and Affected Versions EasyCMS versions up to 1.6 Description A flaw exists in EasyCMS that allows for remote code execution. The issue stems from the manipulation of the order argument within the /UserAction.class.php file, leading to a SQL injection. The exploit i...

9.8CVSS7.7AI score0.0044EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.9 views

CVE-2022-23358

EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement...

9.8CVSS7.9AI score0.01213EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-2447

Malware in sbrugna...

6.1CVSS6.3AI score0.00692EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-17006

Malware in sbrugna...

8.8CVSS8.7AI score0.00602EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8559

Malware in sbrugna...

6.1CVSS6.3AI score0.00707EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-4924

Malware in sbrugna...

6.5CVSS6.6AI score0.00447EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8192

Malware in sbrugna...

8.8CVSS8.8AI score0.00523EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8891

Malware in sbrugna...

6.1CVSS6.3AI score0.00643EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-2599

Malware in sbrugna...

5.4CVSS5.5AI score0.00545EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-15859

Malware in sbrugna...

8.8CVSS8.8AI score0.00523EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-8573

Malware in sbrugna...

4.8CVSS5.1AI score0.00548EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-28437

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01213EPSS
Exploits1References1
Rows per page
Query Builder