CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A directory traversal issue in KiteCMS 1.1.1 allows remote administrators to overwrite arbitrary files via ../ in the path parameter to index.php/admin/Template/fileedit, with PHP code in the html parameter...

6.5CVSS6.8AI score0.00593EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:42 p.m.•5 views

CVE-2021-31707

Permissions vulnerability found in KiteCMS allows a remote attacker to execute arbitrary code via the upload file type...

9.8CVSS8AI score0.02367EPSS

Exploits0

RedhatCVE•added 2025/05/22 6:39 p.m.•7 views

CVE-2021-36546

Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL...

7.5CVSS6.6AI score0.0023EPSS

Exploits1

RedhatCVE•added 2025/05/22 6:33 p.m.•5 views

CVE-2021-3267

File Upload vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the uploadFile function...

7.2CVSS7.9AI score0.01928EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:5 p.m.•3 views

CVE-2020-20672

An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file...

7.8CVSS7AI score0.00201EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:5 p.m.•6 views

CVE-2020-20521

Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the comment parameter...

6.1CVSS7.3AI score0.00851EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:29 p.m.•5 views

CVE-2020-20522

Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the registering user parameter...

6.1CVSS7.3AI score0.00851EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:18 p.m.•2 views

CVE-2020-20671

A cross-site request forgery CSRF in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account...

8.8CVSS6.9AI score0.00141EPSS

Exploits1

OSV•added 2023/04/04 3:15 p.m.•0 views

CVE-2021-31707

Permissions vulnerability found in KiteCMS allows a remote attacker to execute arbitrary code via the upload file type...

9.8CVSS6.1AI score0.02367EPSS

Exploits0References2

NVD•added 2023/04/04 3:15 p.m.•9 views

CVE-2021-3267

File Upload vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the uploadFile function...

7.2CVSS7.3AI score0.01928EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by