CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

EUVD•added 2026/04/04 9:30 p.m.•2 views

EUVD-2016-10873

Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/usermanipulate and admin/settings/generall endpoints to...

5.3CVSS5.9AI score0.00016EPSS

Exploits1References2

Snyk•added 2026/04/04 9:30 p.m.•1 views

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the admin/usermanipulate and admin/settings/generall endpoints. An attacker can perform unauthorized administrative actions by tricking an authenticated administrator into submitting crafted...

7.4CVSS5.7AI score0.00016EPSS

Exploits1References3

Github Security Blog•added 2026/04/04 9:30 p.m.•2 views

Nodcms contains a cross-site request forgery vulnerability

5.3CVSS5.7AI score0.00016EPSS

Exploits1References3Affected Software1

NVD•added 2026/04/04 8:16 p.m.•2 views

CVE-2016-20054

5.3CVSS0.00016EPSS

Exploits1References1

Cvelist•added 2026/04/04 7:59 p.m.•17 views

CVE-2016-20054 Nodcms Cross Site Request Forgery via admin endpoints

5.3CVSS0.00016EPSS

Exploits1References1

Vulnrichment•added 2026/04/04 7:59 p.m.•2 views

CVE-2016-20054 Nodcms Cross Site Request Forgery via admin endpoints

5.3CVSS5.9AI score0.00016EPSS

Exploits1References1

ATTACKERKB•added 2026/04/04 7:59 p.m.•3 views

CVE-2016-20054

5.3CVSS5.9AI score0.00016EPSS

Exploits1References1Affected Software1

CVE•added 2026/04/04 7:59 p.m.•6 views

CVE-2016-20054

CVE-2016-20054 concerns Nodcms and a cross-site request forgery (CSRF) vulnerability that enables unauthorized administrative actions via crafted forms. The issue allows tricking authenticated administrators into submitting requests to admin/user_manipulate and admin/settings/generall endpoints t...

5.3CVSS5.9AI score0.00016EPSS

Exploits1References1Affected Software1

CNNVD•added 2026/04/04 12:0 a.m.•2 views

NodCMS 跨站脚本漏洞

NodCMS is a free, multilingual, and powerful CMS developed by Mojtaba, based on CodeIgniter4. NodCMS has a cross-site scripting vulnerability, which stems from a susceptibility to cross-site request forgeing attacks. This vulnerability could allow attackers to execute unauthorized administrative...

5.3CVSS5.7AI score0.00016EPSS

Exploits1References1

Positive Technologies•added 2026/04/04 12:0 a.m.•1 views

PT-2026-30379

Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/user manipulate and admin/settings/generall endpoints to...

5.3CVSS5.9AI score0.00016EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-1741

Malicious code in bioql PyPI...

4.8CVSS5AI score0.00176EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-44285

Malicious code in bioql PyPI...

6.1CVSS5AI score0.00089EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 4:0 a.m.•3 views

CVE-2023-3641

A vulnerability has been found in khodakhah NodCMS 3.4.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /en/blog-comment-4 of the component POST Request Handler. The manipulation of the argument commentname/commentcontent leads to cross site...

6.1CVSS6.4AI score0.00089EPSS

Exploits0

RedhatCVE•added 2025/05/22 3:47 p.m.•4 views

CVE-2020-20697

Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows a remote attacker to execute arbitrary code and gain access to senstivie information via a crafted script to the address parameter...

4.8CVSS7.2AI score0.00176EPSS

Exploits1

OSV•added 2023/07/12 5:15 p.m.•11 views

CVE-2023-3641

6.1CVSS6.5AI score

Exploits0References2

NVD•added 2023/07/12 5:15 p.m.•7 views

CVE-2023-3641

6.1CVSS0.00089EPSS

Exploits0References2

Prion•added 2023/07/12 5:15 p.m.•8 views

Cross site scripting

5CVSS6.1AI score0.00089EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/07/12 4:31 p.m.•12 views

CVE-2023-3641 khodakhah NodCMS POST Request blog-comment-4 cross site scripting

5CVSS6.2AI score0.00089EPSS

Exploits0References2

CVE•added 2023/07/12 4:31 p.m.•24 views

CVE-2023-3641

The CVE-2023-3641 entry concerns khodakhah NodCMS 3.4.1. The vulnerable component is the POST Request Handler at /en/blog-comment-4, where manipulating the parameters comment_name and comment_content leads to Cross-Site Scripting. The attack can be launched remotely. Public documents do not provi...

6.1CVSS5.2AI score0.00089EPSS

Exploits0References2Affected Software1

CNNVD•added 2023/07/12 12:0 a.m.•1 views

NodCMS 跨站脚本漏洞

NodCMS is a free, multi-language, simple and powerful CMS based on CodeIgniter4 by Mojtaba Individual Developers. A cross-site scripting vulnerability exists in khodakhah NodCMS version 3.4.1, which stems from the parameter commentname/commentcontent in the file /en/blog-comment-4 that leads to...

6.1CVSS4.2AI score0.00089EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by