Lucene search
+L

198 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6012

Malware in sbrugna...

6.1CVSS6.3AI score0.00679EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-6011

Malware in sbrugna...

6.1CVSS6.3AI score0.00679EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6182

Malware in sbrugna...

7.5CVSS7.5AI score0.01361EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6185

Malware in sbrugna...

6.1CVSS6.3AI score0.00934EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2020-6183

Malware in sbrugna...

5.3CVSS5.6AI score0.01579EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6184

Malware in sbrugna...

7.5CVSS7.5AI score0.01165EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-23057

Malware in sbrugna...

8.8CVSS8.7AI score0.01104EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-6226

Malware in sbrugna...

9.8CVSS9.2AI score0.0123EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-6013

Malware in sbrugna...

6.1CVSS6.3AI score0.00679EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-9768

Malware in sbrugna...

5.4CVSS5.5AI score0.00581EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-31142

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00438EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:5 a.m.9 views

CVE-2022-28117

A Server-Side Request Forgery SSRF in feedparser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter...

4.9CVSS7.4AI score0.22903EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:13 p.m.11 views

CVE-2021-36454

Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...

5.4CVSS6AI score0.00552EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:12 p.m.9 views

CVE-2021-36455

SQL Injection vulnerability in Naviwebs Navigate CMS 2.9 via the quicksearch parameter in \lib\packages\comments\comments.php...

8.8CVSS8.2AI score0.01104EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 p.m.4 views

CVE-2021-37478

In NavigateCMS version 2.9.4 and below, function block is vulnerable to sql injection on parameter block-order, which results in arbitrary sql query execution in the backend database...

9.8CVSS7.5AI score0.02162EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:45 p.m.10 views

CVE-2020-14015

An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is supplied. The system will allow an unauthorized user to continue setting a...

7.5CVSS7.1AI score0.01361EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:44 p.m.7 views

CVE-2020-14014

An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS...

5.4CVSS6.8AI score0.00649EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:44 p.m.8 views

CVE-2020-14067

The installfromhash functionality in Navigate CMS 2.9 does not consider the .phtml extension when examining files within a ZIP archive that may contain PHP code, in checkupload in lib/packages/extensions/extension.class.php and lib/packages/themes/theme.class.php...

9.8CVSS7AI score0.0123EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:43 p.m.6 views

CVE-2020-14018

An issue was discovered in Navigate CMS 2.9 r1433. There is a stored XSS vulnerability that is executed on the page to view users, and on the page to edit users. This is present in both the User field and the E-Mail field. On the Edit user page, the XSS is only triggered via the E-Mail field;...

6.1CVSS5.8AI score0.00934EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:19 p.m.8 views

CVE-2020-14017

An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticated user could use a brute-force approach to attempt to identify existing sessions, or view the...

7.5CVSS6.5AI score0.01165EPSS
Exploits1
Rows per page
Query Builder