CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/09/11 3:19 a.m.•14 views

CVE-2025-10122

A vulnerability was found in Maccms10 2025.1000.4050. Affected is the function rep of the file application/admin/controller/Database.php. Performing manipulation of the argument where results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be use...

5.8CVSS5AI score0.003EPSS

Exploits0References1

OSV•added 2025/09/09 3:15 a.m.•3 views

CVE-2025-10122

7.2CVSS5.7AI score0.003EPSS

Cvelist•added 2025/09/09 2:32 a.m.•11 views

CVE-2025-10122 Maccms10 Database.php rep sql injection

5.8CVSS0.003EPSS

CNNVD•added 2025/09/09 12:0 a.m.•4 views

maccms10 SQL注入漏洞

maccms10 is magicblack open source PHP+MYSQL environment to run a set of perfect and powerful rapid site-building system. maccms10 2025.1000.4050 version of the SQL injection vulnerabilities exist in the file application/admin/controller/Database. maccms10 2025.1000.4050 version of the SQL...

7.2CVSS5.8AI score0.003EPSS

Positive Technologies•added 2025/09/09 12:0 a.m.•4 views

PT-2025-36564

Name of the Vulnerable Software and Affected Versions: Maccms10 version 2025.1000.4050 Description: A SQL injection issue exists in the rep function of the application/admin/controller/Database.php file. Manipulation of the where argument can lead to SQL injection. The attack can be initiated...

5.8CVSS5.3AI score0.003EPSS

Exploits0References9

CNNVD•added 2025/03/28 12:0 a.m.•7 views

maccms10 安全漏洞

maccms10 is magicblack open source a set of PHP + MYSQL environment running under the perfect and powerful rapid site building system. A security vulnerability exists in maccms10 version v2025.1000.4047, which originates from a server-side request forgery in the Capture Custom Interface feature...

9.1CVSS6.7AI score0.00377EPSS

CNNVD•added 2025/03/28 12:0 a.m.•4 views

maccms10 安全漏洞

maccms10 is magicblack open source a set of PHP + MYSQL environment running under the perfect and powerful rapid website building system. A security vulnerability exists in maccms10 version v2025.1000.4047, which originates from a server-side request forgery in the Add Article feature...

9.1CVSS6.8AI score0.00388EPSS

OSV•added 2023/02/01 10:15 p.m.•5 views

CVE-2022-47872

A Server-Side Request Forgery SSRF in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module...

8.8CVSS5.9AI score0.00873EPSS

ATTACKERKB•added 2023/02/01 10:15 p.m.•2 views

CVE-2022-47872

8.8CVSS7.5AI score0.00873EPSS

ATTACKERKB•added 2022/03/25 7:15 p.m.•3 views

CVE-2022-27886

Maccms v10 was discovered to contain a reflected cross-site scripting XSS vulnerability in /admin.php/admin/ulog/index.html via the wd parameter...

6.1CVSS6.3AI score0.00547EPSS

ATTACKERKB•added 2022/03/25 7:15 p.m.•2 views

CVE-2022-27885

Maccms v10 was discovered to contain multiple reflected cross-site scripting XSS vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters...

6.1CVSS6.3AI score0.00547EPSS

ATTACKERKB•added 2022/03/25 7:15 p.m.•3 views

CVE-2022-27884

Maccms v10 was discovered to contain a reflected cross-site scripting XSS vulnerability in /admin.php/admin/plog/index.html via the wd parameter...

6.1CVSS6.3AI score0.00547EPSS

OSV•added 2022/03/25 7:15 p.m.•7 views

CVE-2022-26573

Maccms v10 was discovered to contain multiple reflected cross-site scripting XSS vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters...

6.1CVSS5.8AI score

Exploits0References2

Positive Technologies•added 2022/03/25 12:0 a.m.•7 views

PT-2022-17937

Name of the Vulnerable Software and Affected Versions Maccms version 10 Description The issue is related to multiple reflected cross-site scripting XSS vulnerabilities. These vulnerabilities are found in the /admin.php/admin/art/data.html endpoint via the select and input parameters...

6.1CVSS5.7AI score0.00559EPSS

Exploits1References5

CNNVD•added 2022/03/16 12:0 a.m.•1 views

Maccms 跨站脚本漏洞

Maccms is a PHP-based video content management system CMS. v10 version of Maccms is vulnerable to a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied data and output. An attacker can use the vulnerability to attack through the...

5.4CVSS5.2AI score0.00452EPSS

OSV•added 2021/10/04 9:15 p.m.•3 views

CVE-2020-21434

Maccms 10 contains a cross-site scripting XSS vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field...

5.4CVSS5.7AI score0.00503EPSS

OSV•added 2021/10/04 8:15 p.m.•2 views

CVE-2020-21387

A cross-site scripting XSS vulnerability in the parameter typeen of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload...

6.1CVSS5.7AI score0.00555EPSS

OSV•added 2019/03/15 3:29 a.m.•3 views

CVE-2019-9829

Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/defaultpc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates...

8.8CVSS7.6AI score0.02035EPSS