Lucene search
K

27 matches found

CNNVD
CNNVD
added 2026/05/29 12:0 a.m.8 views

Naviwebs Navigate CMS 路径遍历漏洞

Naviwebs Navigate CMS is an open-source content management system developed by Naviwebs Inc. In the version 2.8.5 of Naviwebs Navigate CMS, there is a path traversal vulnerability. This vulnerability stems from the injection of directory traversal sequences in the id parameter, which may allow...

7.1CVSS5.9AI score0.00565EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.8 views

Naviwebs Navigate CMS SQL Injection Vulnerability

Naviwebs Navigate CMS is an open-source content management system developed by Naviwebs Inc. In the version 2.8.7 of Naviwebs Navigate CMS, there is a SQL injection vulnerability. This vulnerability stems from the sidx parameter in the comments, which allows for SQL injections, potentially leadin...

7.1CVSS5.9AI score0.00338EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-23056

Malware in sbrugna...

5.4CVSS6.6AI score0.00552EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:13 p.m.9 views

CVE-2021-36454

Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...

5.4CVSS6AI score0.00552EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2023/12/26 6:51 a.m.396 views

Exploit for Server-Side Request Forgery in Naviwebs Navigate_Cms

It is an exploit module targeting Apache HTTP Server. The targe...

4.9CVSS6.4AI score0.2195EPSS
Exploits6
CNNVD
CNNVD
added 2022/01/19 12:0 a.m.4 views

Naviwebs Navigate CMS 跨站脚本漏洞

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. Naviwebs Navigate CMS suffers from a cross-site scripting vulnerability that originates from a lack of proper validation of client-side data by the WEB application. An attacker can...

5.4CVSS5.7AI score0.00438EPSS
Exploits1References2
NVD
NVD
added 2021/08/06 4:15 p.m.15 views

CVE-2021-36454

Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...

5.4CVSS0.00552EPSS
Exploits1References2
Prion
Prion
added 2021/08/06 4:15 p.m.19 views

Cross site scripting

Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...

3.5CVSS5.3AI score0.00552EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/08/06 4:15 p.m.18 views

Sql injection

SQL Injection vulnerability in Naviwebs Navigate CMS 2.9 via the quicksearch parameter in \lib\packages\comments\comments.php...

6.5CVSS9.1AI score0.01104EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/08/06 3:25 p.m.20 views

CVE-2021-36455

SQL Injection vulnerability in Naviwebs Navigate CMS 2.9 via the quicksearch parameter in \lib\packages\comments\comments.php...

9.4AI score0.01104EPSS
Exploits1References2
CVE
CVE
added 2021/08/06 3:25 p.m.84 views

CVE-2021-36455

CVE-2021-36455 affects Naviwebs Navigate CMS 2.9. The vulnerability is a SQL Injection in the quicksearch parameter of lib/packages/comments/comments.php, caused by insufficient input filtering. Documents confirm the affected product/version and root cause; no explicit exploitation details are pr...

8.8CVSS9.1AI score0.01104EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/08/06 3:19 p.m.15 views

CVE-2021-36454

Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...

5.5AI score0.00552EPSS
Exploits1References2
CNVD
CNVD
added 2020/06/28 12:0 a.m.3 views

Naviwebs Navigate CMS Authorization Issues Vulnerability

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A security vulnerability exists in the password recovery feature in Naviwebs Navigate CMS version 2.9 r1433, which originates from a notfound message being returned when the user name o...

5.3CVSS6.9AI score0.01579EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/28 12:0 a.m.2 views

Naviwebs Navigate CMS Authorization Issue Vulnerability (CNVD-2020-35977)

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A security vulnerability exists in Naviwebs Navigate CMS version 2.9 r1433, which originated when the program resets passwords, allowing users to continue setting passwords even if an...

7.5CVSS7.1AI score0.01361EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/28 12:0 a.m.3 views

Naviwebs Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-35980)

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A cross-site scripting vulnerability exists in Naviwebs Navigate CMS version 2.9 r1433. The vulnerability stems from a lack of proper validation of client-side data by the WEB...

6.1CVSS6.4AI score0.00934EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/28 12:0 a.m.3 views

Unspecified Vulnerability in Naviwebs Navigate CMS

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A security vulnerability exists in Naviwebs Navigate CMS 2.9 r1433, which originates from the program storing sessions and related information e.g. CSRF tokens in plaintext files in...

7.5CVSS6.6AI score0.01165EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/28 12:0 a.m.3 views

Naviwebs Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-35976)

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A cross-site scripting vulnerability exists in the query parameter 'fid' in the navigation.php file in Naviwebs Navigate CMS version 2.9 r1433. The vulnerability stems from the WEB...

5.4CVSS6.4AI score0.00649EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/15 12:0 a.m.2 views

Naviwebs Navigate CMS Code Issue Vulnerability

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A security vulnerability exists in the installfromhash function in Naviwebs Navigate CMS version 2.9, which can be exploited by attackers to compromise confidentiality, integrity, and...

9.8CVSS6.9AI score0.0123EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/09 12:0 a.m.2 views

Naviwebs Navigate CMS SQL Injection Vulnerability

Naviwebs Navigate CMS is an open source content management system CMS. A SQL injection vulnerability exists in the login.php file in Naviwebs Navigate CMS version 2.8. A remote attacker can exploit the vulnerability to bypass authentication...

9.8CVSS9.7AI score0.84063EPSS
Exploits5References1
OSV
OSV
added 2018/10/03 8:29 p.m.16 views

CVE-2018-17553

An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigateupload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution via a POST request with engine=picnik and id=../../../navigateinfo.php...

8.8CVSS7.5AI score
Exploits0References3
Rows per page
Query Builder