Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

313 matches found

Positive Technologies
Positive Technologiesadded 2023/09/28 12:0 a.m.3 views

PT-2023-28960 · Unknown · Online Book Store Project

Name of the Vulnerable Software and Affected Versions: Online Book Store Project version 1.0 Description: The issue allows an authenticated attacker to obtain Remote Code Execution on the server hosting the application via an Insecure File Upload vulnerability on the image parameter of the "admin...

8.8CVSS8.6AI score0.01212EPSS
Exploits1References7
OSV
OSVadded 2023/08/17 12:15 p.m.17 views

CVE-2023-38838

SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component...

7.5CVSS7.3AI score0.00746EPSS
Exploits1References3
NVD
NVDadded 2023/08/17 12:15 p.m.18 views

CVE-2023-38838

SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component...

7.5CVSS7.6AI score0.00746EPSS
Exploits1References3
Prion
Prionadded 2023/08/17 12:15 p.m.11 views

Sql injection

SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component...

5CVSS7.5AI score0.00746EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichmentadded 2023/08/17 12:0 a.m.9 views

CVE-2023-38838

SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component...

7.6AI score0.00746EPSS
Exploits1References3
CNNVD
CNNVDadded 2023/08/17 12:0 a.m.2 views

Minimati SQL注入漏洞

Minimati is a simple, lightweight and open source CMS by Kidus Personal Developers. A security vulnerability exists in Minimati version v.1.0.0, which stems from the presence of a SQL injection vulnerability that allows remote attackers to obtain sensitive information via the edit.php component...

7.5CVSS7.5AI score0.00746EPSS
Exploits1References4
Cvelist
Cvelistadded 2023/08/17 12:0 a.m.21 views

CVE-2023-38838

SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component...

7.8AI score0.00746EPSS
Exploits1References3
Prion
Prionadded 2022/12/07 2:15 a.m.14 views

Sql injection

Simple Phone Book/Directory Web App v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /PhoneBook/edit.php...

7.5CVSS9.8AI score0.00832EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2022/10/18 3:15 p.m.15 views

CVE-2022-41544

GetSimple CMS v3.3.16 was discovered to contain a remote code execution RCE vulnerability via the editedfile parameter in admin/theme-edit.php...

9.8CVSS0.09442EPSS
Exploits12References2
Cvelist
Cvelistadded 2022/10/18 12:0 a.m.25 views

CVE-2022-41544

GetSimple CMS v3.3.16 was discovered to contain a remote code execution RCE vulnerability via the editedfile parameter in admin/theme-edit.php...

10AI score0.09442EPSS
Exploits12References2
CVE
CVEadded 2022/10/18 12:0 a.m.114 views

CVE-2022-41544

Summary: CVE-2022-41544 affects GetSimple CMS 3.3.16 and earlier. The vulnerability enables remote code execution via the theme editor (admin/theme-edit.php), with proven exploitation paths that upload and execute PHP shells. Public PoCs and exploits exist (GitHub scripts and a PacketsStorm write...

9.8CVSS9.8AI score0.09442EPSS
Exploits12References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/10/18 12:0 a.m.6 views

CVE-2022-41544

GetSimple CMS v3.3.16 was discovered to contain a remote code execution RCE vulnerability via the editedfile parameter in admin/theme-edit.php...

9.8AI score0.09442EPSS
Exploits12References2
Positive Technologies
Positive Technologiesadded 2022/10/11 12:0 a.m.3 views

PT-2022-26317 · Unknown · Wedding Planner

Name of the Vulnerable Software and Affected Versions: Wedding Planner version 1.0 Description: The issue allows for arbitrary code execution via the "package edit.php" endpoint. Recommendations: For version 1.0, update to a version that fixes this issue, if available, or consider disabling acces...

8.8CVSS8.9AI score0.00995EPSS
Exploits1References3
Prion
Prionadded 2022/08/11 5:15 a.m.16 views

Cross site scripting

A vulnerability was found in SourceCodester Simple Online Book Store System. It has been classified as problematic. Affected is an unknown function of the file /admin/edit.php. The manipulation of the argument eid leads to cross site scripting. It is possible to launch the attack remotely. The...

5.8CVSS6.1AI score0.00384EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/08/11 4:56 a.m.21 views

CVE-2022-2748 SourceCodester Simple Online Book Store System edit.php cross site scripting

A vulnerability was found in SourceCodester Simple Online Book Store System. It has been classified as problematic. Affected is an unknown function of the file /admin/edit.php. The manipulation of the argument eid leads to cross site scripting. It is possible to launch the attack remotely. The...

3.5CVSS6.3AI score0.00384EPSS
Exploits0References1
NVD
NVDadded 2022/06/28 10:15 p.m.14 views

CVE-2020-19896

File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitary PHP code via post-edit.php...

9.8CVSS0.01311EPSS
Exploits1References1
OSV
OSVadded 2022/06/28 10:15 p.m.20 views

CVE-2020-19896

File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitary PHP code via post-edit.php...

9.8CVSS7.5AI score
Exploits0References1
CVE
CVEadded 2022/06/28 9:15 p.m.69 views

CVE-2020-19896

CVE-2020-19896 affects Minicms v1.9 and is a file inclusion vulnerability that lets remote attackers execute arbitrary PHP code via the file post-edit.php. The NVD metrics indicate a CVSSv3.1 base score of 9.8 (CRITICAL) with network access, low attack complexity, no user interaction, and impacts...

9.8CVSS9.6AI score0.01311EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2022/06/13 6:15 p.m.23 views

CVE-2021-41663

A cross-site scripting XSS vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page...

6.1CVSS0.00964EPSS
Exploits1References3
Prion
Prionadded 2022/06/13 6:15 p.m.20 views

Cross site scripting

A cross-site scripting XSS vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page...

4.3CVSS5.9AI score0.00964EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder