Lucene search
+L

64 matches found

RedhatCVE
RedhatCVE
added 2025/10/04 12:56 a.m.7 views

CVE-2025-60452

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the download management module, specifically in the app\system\download\admin\downloadadmin.class.php component. The vulnerability allows attackers to upload malicious SVG...

6.1CVSS6.1AI score0.00213EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-32299

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00213EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-32300

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00213EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-32302

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00244EPSS
Exploits1References2
NVD
NVD
added 2025/10/03 2:15 p.m.5 views

CVE-2025-60454

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the image management module, specifically in the app\system\img\admin\imgadmin.class.php component. The vulnerability allows attackers to upload malicious SVG files containi...

6.1CVSS0.00244EPSS
Exploits1References1
OSV
OSV
added 2025/10/03 2:15 p.m.4 views

CVE-2025-60454

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the image management module, specifically in the app\system\img\admin\imgadmin.class.php component. The vulnerability allows attackers to upload malicious SVG files containi...

6.1CVSS5.8AI score0.00244EPSS
Exploits1References1
NVD
NVD
added 2025/10/03 2:15 p.m.5 views

CVE-2025-60450

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists due to insufficient validation and sanitization of SVG file uploads in the app\system\include\module\editor\Uploader.class.php component. This security flaw allows attackers to...

6.1CVSS0.00213EPSS
Exploits1References1
OSV
OSV
added 2025/10/03 2:15 p.m.5 views

CVE-2025-60450

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists due to insufficient validation and sanitization of SVG file uploads in the app\system\include\module\editor\Uploader.class.php component. This security flaw allows attackers to...

6.1CVSS5.8AI score0.00213EPSS
Exploits1References1
OSV
OSV
added 2025/10/03 2:15 p.m.5 views

CVE-2025-60451

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists due to insufficient validation and sanitization of SVG file uploads in the app\system\include\module\uploadify.class.php component, specifically in the website settings module...

6.1CVSS5.8AI score0.00213EPSS
Exploits1References1
NVD
NVD
added 2025/10/03 2:15 p.m.6 views

CVE-2025-60453

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files...

6.1CVSS0.00244EPSS
Exploits1References1
NVD
NVD
added 2025/10/03 2:15 p.m.7 views

CVE-2025-60452

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the download management module, specifically in the app\system\download\admin\downloadadmin.class.php component. The vulnerability allows attackers to upload malicious SVG...

6.1CVSS0.00213EPSS
Exploits1References1
OSV
OSV
added 2025/10/03 2:15 p.m.5 views

CVE-2025-60453

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files...

6.1CVSS5.8AI score0.00244EPSS
Exploits1References1
OSV
OSV
added 2025/10/03 2:15 p.m.4 views

CVE-2025-60452

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the download management module, specifically in the app\system\download\admin\downloadadmin.class.php component. The vulnerability allows attackers to upload malicious SVG...

6.1CVSS5.8AI score0.00213EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/10/03 12:0 a.m.12 views

CVE-2025-60452

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the download management module, specifically in the app\system\download\admin\downloadadmin.class.php component. The vulnerability allows attackers to upload malicious SVG...

0.00213EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/10/03 12:0 a.m.7 views

MetInfo CMS 安全漏洞

MetInfo CMS is a content management system CMS from China's Mito MetInfo. A security vulnerability exists in MetInfo CMS version 8.0, which originates from insufficient validation when uploading a malicious SVG file in the Columns Management module, which could lead to a stored cross-site scripti...

6.1CVSS5.9AI score0.00244EPSS
Exploits1References1
CVE
CVE
added 2025/10/03 12:0 a.m.11 views

CVE-2025-60453

MetInfo CMS 8.0 is affected in the column management module (app\system\column\admin\index.class.php). The issue is a stored XSS vulnerability that allows attackers to upload SVG files containing JavaScript, which executes when the uploaded file is viewed or accessed by users. This aligns with mu...

6.1CVSS5.7AI score0.00244EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/10/03 12:0 a.m.11 views

CVE-2025-60453

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files...

0.00244EPSS
Exploits1References1
CVE
CVE
added 2025/10/03 12:0 a.m.13 views

CVE-2025-60454

MetInfo CMS 8.0 is affected in the image management module. The XSS vulnerability arises from unvalidated SVG uploads in the file path app\system\img\admin\img_admin.class.php, enabling stored JavaScript execution when users view/access the uploaded SVG. Multiple connected sources corroborate thi...

6.1CVSS5.7AI score0.00244EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/10/03 12:0 a.m.15 views

CVE-2025-60451

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists due to insufficient validation and sanitization of SVG file uploads in the app\system\include\module\uploadify.class.php component, specifically in the website settings module...

0.00213EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/10/03 12:0 a.m.5 views

MetInfo CMS 安全漏洞

MetInfo CMS is a content management system CMS from China's Mito MetInfo. A security vulnerability exists in MetInfo CMS version 8.0, which stems from an unvalidated SVG file input in the download management module, which could lead to a stored cross-site scripting attack...

6.1CVSS5.9AI score0.00213EPSS
Exploits1References1
Rows per page
Query Builder