CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

282 matches found

Cvelist•added 2018/08/31 11:0 p.m.•21 views

CVE-2018-16298

An issue was discovered in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request...

6.1AI score0.00865EPSS

Exploits1References1

CVE•added 2018/08/31 11:0 p.m.•49 views

CVE-2018-16298

MiniCMS 1.10 is affected by a cross-site scripting (XSS) vulnerability in the admin endpoint mc-admin/post.php?tag= where requests with state=delete, state=draft, or state=publish can inject script or HTML. The flaw is triggered via the tag parameter and is present in the public CVE entries acros...

6.1CVSS5.9AI score0.00865EPSS

Exploits1References1Affected Software1

CNVD•added 2018/08/31 12:0 a.m.•3 views

MiniCMS Cross-Site Scripting Vulnerability (CNVD-2018-17188)

MiniCMS is a micro content management system designed for personal websites. A cross-site scripting vulnerability exists in MiniCMS 1.10. An attacker can exploit this vulnerability by using the mc-admin/post-edit.php tags parameter to conduct cross-site scripting attacks...

6.1CVSS5.3AI score0.00865EPSS

Exploits1References1

NVD•added 2018/08/30 10:29 p.m.•14 views

CVE-2018-16233

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...

6.1CVSS5.3AI score0.00865EPSS

Exploits1References1

Prion•added 2018/08/30 10:29 p.m.•16 views

Design/Logic Flaw

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...

4.3CVSS5.3AI score0.00865EPSS

Exploits1References1Affected Software1

OSV•added 2018/08/30 10:29 p.m.•16 views

CVE-2018-16233

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...

6.1CVSS5.7AI score

Exploits0References1

Cvelist•added 2018/08/30 10:0 p.m.•26 views

CVE-2018-16233

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...

5.3AI score0.00865EPSS

Exploits1References1

CVE•added 2018/08/30 10:0 p.m.•66 views

CVE-2018-16233

Technical details for CVE-2018-16233 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

6.1CVSS5.2AI score0.00865EPSS

Exploits1References1Affected Software1

NVD•added 2018/08/27 4:29 a.m.•32 views

CVE-2018-15899

An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability...

6.1CVSS6AI score0.00878EPSS

Exploits1References2

Prion•added 2018/08/27 4:29 a.m.•21 views

Spoofing

An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability...

4.3CVSS6AI score0.00878EPSS

Exploits1References1Affected Software1

OSV•added 2018/08/27 4:29 a.m.•28 views

CVE-2018-15899

An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability...

6.1CVSS6AI score0.00878EPSS

Exploits1References2

CVE•added 2018/08/27 4:0 a.m.•57 views

CVE-2018-15899

CVE-2018-15899 concerns a cross-site scripting (XSS) vulnerability in MiniCMS 1.10. The issue is triggered via the date parameter in the post.php file (post.php?date=), allowing remote attackers to inject arbitrary web script or HTML. Public descriptions across multiple sources (NVD, CNVD) confir...

6.1CVSS5.9AI score0.00878EPSS

Exploits1References2Affected Software1

Cvelist•added 2018/08/27 4:0 a.m.•33 views

CVE-2018-15899

An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability...

6AI score0.00878EPSS

Exploits1References2

Positive Technologies•added 2018/08/27 12:0 a.m.•4 views

PT-2018-13279

Name of the Vulnerable Software and Affected Versions MiniCMS version 1.10 Description An issue was discovered in MiniCMS. There is a post.php?date= XSS vulnerability. Recommendations For MiniCMS version 1.10, update to a version that fixes the XSS vulnerability in the post.php endpoint,...

6.1CVSS6.2AI score0.00878EPSS

Exploits1References5

CNVD•added 2018/08/27 12:0 a.m.•4 views

MiniCMS Cross-Site Scripting Vulnerability (CNVD-2018-18140)

MiniCMS is a mini content management system CMS designed for personal websites. A cross-site scripting vulnerability exists in the post.php file in MiniCMS version 1.10. The vulnerability can be exploited by remote attackers to inject arbitrary web script or HTML with the help of the 'date'...

6.1CVSS5.9AI score0.00878EPSS

Exploits1References1

NVD•added 2018/08/20 7:31 p.m.•16 views

CVE-2018-1000638

MiniCMS version 1.1 contains a Cross Site Scripting XSS vulnerability in http://example.org/mc-admin/page.php?date=payload that can result in code injection...

6.1CVSS6.3AI score0.02191EPSS

Exploits3References1

OSV•added 2018/08/20 7:31 p.m.•21 views

CVE-2018-1000638

MiniCMS version 1.1 contains a Cross Site Scripting XSS vulnerability in http://example.org/mc-admin/page.php?date=payload that can result in code injection...

6.1CVSS6.3AI score

Exploits0References1

Prion•added 2018/08/20 7:31 p.m.•19 views

Cross site scripting

MiniCMS version 1.1 contains a Cross Site Scripting XSS vulnerability in http://example.org/mc-admin/page.php?date=payload that can result in code injection...

4.3CVSS6.3AI score0.02191EPSS

Exploits3References1Affected Software1

Cvelist•added 2018/08/20 7:0 p.m.•26 views

CVE-2018-1000638

MiniCMS version 1.1 contains a Cross Site Scripting XSS vulnerability in http://example.org/mc-admin/page.php?date=payload that can result in code injection...

6.3AI score0.02191EPSS

Exploits3References1

CVE•added 2018/08/20 7:0 p.m.•71 views

CVE-2018-1000638

CVE-2018-1000638 affects MiniCMS 1.1 with a Cross-Site Scripting (XSS) vulnerability in the URL parameter mc-admin/page.php?date={payload}. The vulnerability allows injection when the GET parameter date is echoed without proper encoding, per multiple sources, including exploit references with PoC...

6.1CVSS6.2AI score0.02191EPSS

Exploits3References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by