Lucene search
K

20 matches found

NVD
NVD
added 2026/06/17 10:16 p.m.13 views

CVE-2026-48997

e107 is a content management system CMS. Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resizeimage, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...

7.1CVSS0.00747EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.8 views

CVE-2026-6184

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...

4.8CVSS3.6AI score0.00302EPSS
Exploits0References1
NVD
NVD
added 2026/05/16 4:16 p.m.15 views

CVE-2020-37236

NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the title parameter in the news addition interface. Attackers can inject JavaScript payloads via the title field in the admin panel that...

6.4CVSS0.00235EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/16 3:25 p.m.9 views

CVE-2020-37236 NewsLister Authenticated Persistent Cross-Site Scripting via Admin Panel

NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the title parameter in the news addition interface. Attackers can inject JavaScript payloads via the title field in the admin panel that...

6.4CVSS5.7AI score0.00235EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/16 3:25 p.m.11 views

EUVD-2020-31236

NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the title parameter in the news addition interface. Attackers can inject JavaScript payloads via the title field in the admin panel that...

6.4CVSS5.7AI score0.00235EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/16 3:25 p.m.30 views

CVE-2020-37236 NewsLister Authenticated Persistent Cross-Site Scripting via Admin Panel

NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the title parameter in the news addition interface. Attackers can inject JavaScript payloads via the title field in the admin panel that...

6.4CVSS0.00235EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.19 views

PT-2026-41436

NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the title parameter in the news addition interface. Attackers can inject JavaScript payloads via the title field in the admin panel that...

6.4CVSS5.7AI score0.00235EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/16 12:0 a.m.11 views

NetArt Media News Lister 跨站脚本漏洞

NetArt Media News Lister is a website news management system developed by NetArt Media in Bulgaria. It supports news publishing, article management, and content display. NetArt Media News Lister has a cross-site scripting vulnerability. This vulnerability stems from the title parameter in the new...

6.4CVSS5.7AI score0.00235EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/13 6:30 p.m.4 views

EUVD-2026-21982

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...

4.8CVSS4.2AI score0.00302EPSS
Exploits0References6
NVD
NVD
added 2026/04/13 4:16 p.m.5 views

CVE-2026-6184

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...

4.8CVSS0.00302EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/13 3:0 p.m.32 views

CVE-2026-6184 code-projects Simple Content Management System welcome.php cross site scripting

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...

4.8CVSS0.00302EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/13 3:0 p.m.3 views

CVE-2026-6184 code-projects Simple Content Management System welcome.php cross site scripting

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...

4.8CVSS4.2AI score0.00302EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/13 3:0 p.m.8 views

CVE-2026-6184

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...

4.8CVSS4.2AI score0.00302EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/13 3:0 p.m.14 views

CVE-2026-6184

The vulnerability CVE-2026-6184 affects code-projects Simple Content Management System 1.0. A weakness exists in an unknown part of /web/admin/welcome.php where manipulating the argument News Title can result in cross-site scripting. Exploitation can be performed remotely, and public exploits are...

4.8CVSS4.2AI score0.00302EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.5 views

PT-2026-32378

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...

4.8CVSS4.2AI score0.00302EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.8 views

Code-Projects Simple Content Management System 代码注入漏洞

Code-Projects Simple Content Management System is an open-source simple content management system developed by Code-Projects. Version 1.0 of the code-projects Simple Content Management System contains a code injection vulnerability. This vulnerability arises from incorrect handling of parameters...

4.8CVSS5.7AI score0.00302EPSS
Exploits0References5
OSV
OSV
added 2020/11/30 6:15 p.m.6 views

CVE-2020-29364

In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks. Attackers can inject codes in news titles...

4.8CVSS5.8AI score0.00614EPSS
Exploits1References2
NVD
NVD
added 2019/11/06 4:15 p.m.23 views

CVE-2017-18639

Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages...

6.1CVSS6AI score0.00894EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/11/06 3:7 p.m.33 views

CVE-2017-18639

Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages...

6AI score0.00894EPSS
Exploits1References1
Cvelist
Cvelist
added 2013/01/24 1:0 a.m.26 views

CVE-2012-6510

Multiple cross-site scripting XSS vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 PWRS or 2 Description field when posting a new vehicle; 3 news title when creating news; 4 Name when creating a sub user; 5 group name when...

5.7AI score0.01639EPSS
Exploits1References3
Rows per page
Query Builder