Lucene search
K

198 matches found

CNVD
CNVD
added 2021/07/27 12:0 a.m.11 views

Navigate CMS sql injection vulnerability (CNVD-2021-57422)

Navigate CMS is a powerful and intuitive content management system. A sql injection vulnerability exists in the childrenorder parameter in structure.php in Navigate CMS 2.9.4 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary sql queries in the backend database...

9.8CVSS9.7AI score0.02162EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/27 12:0 a.m.16 views

Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2021-57427)

Navigate CMS, a powerful and intuitive content management system, is vulnerable to a cross-site scripting vulnerability in Navigate CMS version 2.9. The vulnerability can be exploited to conduct cross-site scripting attacks via the "Create" or "Edit" function of the "Tools" feature...

4.8CVSS4.4AI score0.00527EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/27 12:0 a.m.33 views

Navigate CMS sql injection vulnerability (CNVD-2021-57421)

Navigate CMS is a powerful and intuitive content management system. A sql injection vulnerability exists in the id parameter in product.php in Navigate CMS 2.9.4 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary sql queries in the backend database...

9.8CVSS9.7AI score0.02162EPSS
Exploits1References1
OSV
OSV
added 2021/07/26 6:15 p.m.6 views

CVE-2021-37477

In NavigateCMS version 2.9.4 and below, function in structure.php is vulnerable to sql injection on parameter childrenorder, which results in arbitrary sql query execution in the backend database...

9.8CVSS6AI score0.02162EPSS
Exploits1References3
OSV
OSV
added 2021/07/26 6:15 p.m.5 views

CVE-2021-37478

In NavigateCMS version 2.9.4 and below, function block is vulnerable to sql injection on parameter block-order, which results in arbitrary sql query execution in the backend database...

9.8CVSS6AI score0.02162EPSS
Exploits1References3
OSV
OSV
added 2021/07/26 6:15 p.m.4 views

CVE-2021-37475

In NavigateCMS version 2.9.4 and below, function in templates.php is vulnerable to sql injection on parameter template-properties-order, which results in arbitrary sql query execution in the backend database...

9.8CVSS6AI score0.02483EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.5 views

NavigateCMS和NavigateCMS 跨站脚本漏洞

Navigate CMS, a powerful and intuitive content management system, is vulnerable to a cross-site scripting vulnerability in Navigate CMS version 2.9. The vulnerability can be exploited to conduct cross-site scripting attacks via the "Create" or "Edit" function of the "Tools" feature...

4.8CVSS5.2AI score0.00527EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.4 views

NavigateCMS SQL注入漏洞

Navigate CMS is a powerful and intuitive content management system. A sql injection vulnerability exists in the block-order parameter of the block function in Navigate CMS 2.9.4 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary sql queries in the backend databa...

9.8CVSS6.1AI score0.02162EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.4 views

NavigateCMS SQL注入漏洞

Navigate CMS is a powerful and intuitive content management system. A sql injection vulnerability exists in the id parameter in product.php in Navigate CMS 2.9.4 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary sql queries in the backend database...

9.8CVSS6.1AI score0.02162EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.4 views

NavigateCMS SQL注入漏洞

Navigate CMS is a powerful and intuitive content management system. A sql injection vulnerability exists in the template-properties-order parameter in templates.php in Navigate CMS 2.9.4 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary sql queries in the backe...

9.8CVSS6.1AI score0.02483EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.7 views

NavigateCMS SQL注入漏洞

Navigate CMS is a powerful and intuitive content management system. A sql injection vulnerability exists in the childrenorder parameter in structure.php in Navigate CMS 2.9.4 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary sql queries in the backend database...

9.8CVSS6.1AI score0.02162EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.6 views

NavigateCMS 跨站脚本漏洞

A cross-site scripting vulnerability exists in Navigate CMS version 2.9, which is a powerful and intuitive content management system. The vulnerability can be exploited to conduct cross-site scripting attacks via the name="wrongpathredirect" function...

4.8CVSS5.2AI score0.00527EPSS
Exploits1References2
CNVD
CNVD
added 2021/06/29 12:0 a.m.6 views

Navigate CMS SQL Injection Vulnerability

Navigate CMS is a powerful and intuitive content management system. A SQL injection vulnerability exists in Navigate CMS version 2.9. The vulnerability can be exploited to conduct SQL injection attacks via URL-encoded GET input categories in navigate.php...

9.8CVSS7.8AI score0.01465EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/06/28 12:0 a.m.3 views

NavigateCMS SQL注入漏洞

Navigate CMS is a powerful and intuitive content management system. A SQL injection vulnerability exists in Navigate CMS version 2.9. The vulnerability can be exploited to conduct SQL injection attacks via URL-encoded GET input categories in navigate.php...

9.8CVSS5.8AI score0.01465EPSS
Exploits1References2
CNVD
CNVD
added 2020/08/27 12:0 a.m.2 views

Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-49437)

Navigate CMS is a powerful and intuitive content management system. A cross-site scripting vulnerability exists in the Content module of Navigate CMS 2.9. This vulnerability can be exploited by attackers to conduct cross-site scripting attacks...

5.4CVSS6.2AI score0.00531EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/27 12:0 a.m.2 views

Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-49507)

Navigate CMS is a powerful and intuitive content management system. A cross-site scripting vulnerability exists in the Configuration module of Navigate CMS 2.9. The vulnerability can be exploited to conduct cross-site scripting attacks...

5.4CVSS6.2AI score0.00545EPSS
Exploits1References1
OSV
OSV
added 2020/08/26 5:15 p.m.4 views

CVE-2020-23655

NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...

5.4CVSS6.1AI score0.00545EPSS
Exploits1References1
OSV
OSV
added 2020/08/26 5:15 p.m.4 views

CVE-2020-23654

NavigateCMS 2.9 is affected by Cross Site Scripting XSS via the module "Shop."...

5.4CVSS6.1AI score0.00531EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/28 12:0 a.m.3 views

Naviwebs Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-35976)

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A cross-site scripting vulnerability exists in the query parameter 'fid' in the navigation.php file in Naviwebs Navigate CMS version 2.9 r1433. The vulnerability stems from the WEB...

5.4CVSS6.4AI score0.00649EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/28 12:0 a.m.3 views

Unspecified Vulnerability in Naviwebs Navigate CMS

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A security vulnerability exists in Naviwebs Navigate CMS 2.9 r1433, which originates from the program storing sessions and related information e.g. CSRF tokens in plaintext files in...

7.5CVSS6.6AI score0.01165EPSS
Exploits1References1
Rows per page
Query Builder