Lucene search
+L

91 matches found

cvelist
cvelist
added 2018/09/10 4:0 a.m.23 views

CVE-2018-16771

Hoosk v1.7.0 allows PHP code execution via a SiteUrl that is provided during installation and mishandled in config.php...

9.7AI score0.0267EPSS
Exploits1References1
cve
cve
added 2018/09/10 4:0 a.m.45 views

CVE-2018-16771

CVE-2018-16771 affects Hoosk v1.7.0. The vulnerability arises from a SiteUrl provided during installation being mishandled in config.php, enabling PHP code execution. Documents from NVD/OSV/CVE lists consistently attribute a PHP code execution impact with high/critical severity (CVSS v2/v3 provid...

9.8CVSS9.6AI score0.0267EPSS
Exploits1References1Affected Software1
cve
cve
added 2018/09/10 4:0 a.m.43 views

CVE-2018-16772

CVE-2018-16772 affects Hoosk v1.7.0. The vulnerability is a cross-site scripting (XSS) issue exploitable via the Navigation Title when creating a new page at admin/pages/new. The attack vector is user-facing via the web interface, with the underlying cause described as a navigation title handling...

4.8CVSS4.8AI score0.0067EPSS
Exploits1References1Affected Software1
cnvd
cnvd
added 2018/09/10 12:0 a.m.6 views

Hoosk Cross-Site Scripting Vulnerability

Hoosk is a lightweight user-centered content management system CMS. The system has built-in Codelgniter for creating responsive websites. A cross-site scripting vulnerability exists in Hoosk 1.7.0, which can be exploited by an attacker via the navigation title of a new page entered at...

4.8CVSS4.9AI score0.0067EPSS
Exploits1References1
cnvd
cnvd
added 2018/09/10 12:0 a.m.4 views

Hoosk PHP Code Execution Vulnerability

Hoosk is a user-centered content management system CMS. The system has built-in Codelgniter for creating responsive websites. Hoosk 1.7.0 suffers from a PHP code execution vulnerability that can be exploited by an attacker to execute arbitrary code via the SiteUrl provided during installation...

9.8CVSS9.9AI score0.0267EPSS
Exploits1References1
cnvd
cnvd
added 2018/03/02 12:0 a.m.7 views

Hoosk Cross-Site Request Forgery Vulnerability

Hoosk is a lightweight user-centered content management system CMS. The system has built-in Codelgniter for creating responsive websites. A cross-site request forgery vulnerability exists in Hoosk version 1.7.0. A remote attacker can exploit the vulnerability to create an account with the help of...

8.8CVSS6.9AI score0.00591EPSS
Exploits0References1
osv
osv
added 2018/03/01 10:29 p.m.15 views

CVE-2018-7590

CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation...

8.8CVSS7.2AI score0.00591EPSS
Exploits0References1
prion
prion
added 2018/03/01 10:29 p.m.17 views

Cross site request forgery (csrf)

CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation...

6.8CVSS8.7AI score0.00591EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2018/03/01 10:29 p.m.14 views

CVE-2018-7590

CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation...

8.8CVSS8.7AI score0.00591EPSS
Exploits0References1
cvelist
cvelist
added 2018/03/01 9:0 p.m.16 views

CVE-2018-7590

CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation...

8.8AI score0.00591EPSS
Exploits0References1
cve
cve
added 2018/03/01 9:0 p.m.43 views

CVE-2018-7590

Hoosk CMS version 1.7.0 is affected by a Cross-Site Request Forgery (CSRF) vulnerability via the endpoint /admin/users/new/add, which allows an attacker to cause account creation. The issue is documented across multiple feeds (NVD/CNVD/osv/prion variants) with the same description. Connections co...

8.8CVSS8.7AI score0.00591EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder