CVE-2019-20524
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner parameter...
CVE-2019-20523
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Name parameter...
Cross site scripting
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner parameter...
Cross site scripting
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Link parameter...
CVE-2019-20522
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Link parameter...
CVE-2019-20522
CVE-2019-20522 affects ilchCMS 2.1.23 and enables Cross-Site Scripting via the index.php/partner/index Link parameter. The connected sources consistently describe a client-side script execution vulnerability in ilchCMS, with no details provided on affected versions beyond 2.1.23 in public CVE rec...
CVE-2019-20523
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Name parameter...
CVE-2019-20523
CVE-2019-20523 affects ilchCMS 2.1.23, where an XSS vulnerability exists in the index.php/partner/index Name parameter. The issue allows injection of script into client-side context, as described in public sources. The NVD entry lists an overall impact of low to partial integrity impact (I:L) wit...
CVE-2019-20524
CVE-2019-20524 affects ilchCMS 2.1.23 and allows cross-site scripting via the Banner parameter in index.php/partner/index. The root cause is a reflected XSS vector that exposes client-side code execution opportunities when a banner parameter is manipulated, as described across multiple sources (e...
CVE-2020-10218
The CVE-2020-10218 entry pertains to Sapplica Sentrifugo 3.2, where a Blind SQL Injection vulnerability exists in the index.php/holidaygroups/add id parameter caused by the HolidaydatesController.php addAction function. The issue allows an attacker to read data from the application’s database. Pu...
CVE-2020-10415
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index.php by adding a question mark (?) followed by the payload...
Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection
Exploit Title: Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection Date: 2020-03-10 Author: Milad Karimi Software Link: Version: Category : webapps Tested on: windows 10 , firefox CVE : CWE-89 Dork: inurl:index.php?option=comnewsfeeds...
CVE-2015-7338
SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via exportgeolocorder in a geolocationlongitude request to index.php...
60CycleCMS - news.php SQL Injection
60CycleCMS - news.php SQL Injection Exploit Title: 60CycleCMS - 'news.php' Multiple vulnerability Google Dork: N/A Date: 2020-02-10 Exploit Author: Unkn0wn Vendor Homepage: http://davidvg.com/ Software Link: https://www.opensourcecms.com/60cyclecms Version: 2.5.2 Tested on: Ubuntu CVE : N/A...
CVE-2020-10106
CVE-2020-10106 affects PHPGurukul Daily Expense Tracker System 1.0. The Red Hat/NVD entries confirm a SQL injection via the email parameter in index.php or register.php, enabling dumping of the MySQL database and bypassing the login prompt. The vulnerability is driven by improper handling of user...
CVE-2014-9615
Cross-site scripting (XSS) vulnerability in Netsweeper 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter to webadmin/deny/index.php...
CVE-2014-9615
Netsweeper 4.0.4 is affected by a cross-site scripting (XSS) vulnerability via the url parameter to webadmin/deny/index.php. The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to script execution in the victim’s browser. The Nuclei template confirms this...