CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/06 3:16 p.m.•9 views

CVE-2026-11434

4.8CVSS0.00275EPSS

ATTACKERKB•added 2026/06/06 2:15 p.m.•6 views

CVE-2026-11434

4.8CVSS3.8AI score0.00275EPSS

Exploits0References5

Cvelist•added 2026/06/06 2:15 p.m.•37 views

CVE-2026-11434 FluentCMS Blocks Plugin blocks cross site scripting

4.8CVSS0.00275EPSS

Vulnrichment•added 2026/06/06 2:15 p.m.•8 views

CVE-2026-11434 FluentCMS Blocks Plugin blocks cross site scripting

4.8CVSS3.7AI score0.00275EPSS

EUVD•added 2026/06/06 2:15 p.m.•12 views

EUVD-2026-34969

4.8CVSS3.9AI score0.00275EPSS

Exploits0References5

CVE•added 2026/06/06 2:15 p.m.•26 views

CVE-2026-11434

CVE-2026-11434 affects FluentCMS 0.0.5, specifically the Blocks Plugin via an unknown function in the /admin/blocks file. The issue allows a cross site scripting (XSS) flaw due to manipulation of that function, with remote initiation possible. Public exploits exist according to the record, and th...

4.8CVSS3.8AI score0.00275EPSS

Positive Technologies•added 2026/06/06 12:0 a.m.•12 views

PT-2026-47156

Name of the Vulnerable Software and Affected Versions FluentCMS version 0.0.5 Description A cross-site scripting issue exists in the Blocks Plugin component within the '/admin/blocks' file. This flaw allows a remote attacker to initiate an attack through an unknown function in that file...

4.8CVSS5AI score0.00275EPSS

CNNVD•added 2026/06/06 12:0 a.m.•4 views

FluentCMS 代码注入漏洞

FluentCMS is an open-source content management system developed by FluentCMS. Version 0.0.5 of FluentCMS has a code injection vulnerability, which stems from unknown functions in the Blocks Plugin component file located at admin/blocks. This vulnerability may lead to cross-site scripting attacks...

4.8CVSS4.3AI score0.00275EPSS

Exploits0References6

RedhatCVE•added 2026/06/05 7:51 p.m.•8 views

CVE-2025-70842

A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...

5.4CVSS5.5AI score0.00138EPSS

EUVD•added 2026/05/12 3:31 p.m.•7 views

EUVD-2025-209787

5.4CVSS5.8AI score0.00138EPSS

Exploits0References3

NVD•added 2026/05/12 3:16 p.m.•14 views

CVE-2025-70842

5.4CVSS0.00138EPSS

ATTACKERKB•added 2026/05/12 12:0 a.m.•3 views

CVE-2025-70842

5.8AI score0.00138EPSS

Exploits0References3

Vulnrichment•added 2026/05/12 12:0 a.m.•8 views

CVE-2025-70842

5.8AI score0.00138EPSS

Cvelist•added 2026/05/12 12:0 a.m.•28 views

CVE-2025-70842

0.00138EPSS

CNNVD•added 2026/05/12 12:0 a.m.•7 views

FluentCMS 跨站脚本漏洞

FluentCMS is an open-source content management system developed by FluentCMS. Version 1.2.3 of FluentCMS has a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site script in the file management module. It allows authenticated administrators to upload...

5.4CVSS5.6AI score0.00138EPSS

CVE•added 2026/05/12 12:0 a.m.•11 views

CVE-2025-70842

FluentCMS 1.2.3 is affected in its File Management module by a Stored XSS vulnerability. An authenticated administrator can upload crafted SVG files containing malicious JavaScript, and the injected script executes in the browser of any user who accesses the direct URL to the image, including una...

5.4CVSS5.8AI score0.00138EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•9 views

PT-2026-40033

5.4CVSS5.8AI score0.00138EPSS

Exploits0References3

RedhatCVE•added 2026/05/06 8:22 p.m.•6 views

CVE-2026-38947

FluentCMS 1.2.3 is vulnerable to Cross Site Scripting XSS in TextHTML plugin...

6.1CVSS5.8AI score0.00194EPSS