Lucene search
K

25 matches found

OSV
OSV
added 2019/03/21 4:1 p.m.3 views

CVE-2019-8938

VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter...

6.1CVSS6.3AI score0.01516EPSS
Exploits3References3
NVD
NVD
added 2017/09/12 9:29 p.m.17 views

CVE-2017-14399

In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajaxrename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php...

8.8CVSS8.7AI score0.01047EPSS
Exploits0References1
Prion
Prion
added 2017/09/12 9:29 p.m.15 views

Unrestricted file upload

In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajaxrename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php...

6.5CVSS8.6AI score0.01047EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2013/01/24 1:55 a.m.21 views

CVE-2012-6511

Multiple cross-site scripting XSS vulnerabilities in organizer/page/users.php in the Organizer plugin 1.2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 deleteid parameter or 2 extension parameter in an "Update Setting" action to wp-admin/admin.php...

4.3CVSS5.9AI score0.02503EPSS
Exploits1References4
OSV
OSV
added 2005/05/02 4:0 a.m.5 views

DEBIAN-CVE-2005-0567

Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the 1 theme parameter to phpmyadmin.css.php or 2 cfgServerextension parameter to databaseinterface.lib.php to reference a URL on a remote web server that contai...

7.5CVSS7.7AI score0.02726EPSS
Exploits0References1
Rows per page
Query Builder