Lucene search
K

65 matches found

CNNVD
CNNVD
added 2022/07/06 12:0 a.m.3 views

PESCMS 跨站请求伪造漏洞

PESCMS is a content publishing platform. A security vulnerability exists in PESCMS version V2.3.3. An attacker exploited the vulnerability to delete user company related information...

6.5CVSS5.6AI score0.00529EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.4 views

PESCMS 跨站脚本漏洞

A cross-site scripting vulnerability exists in PESCMS version V2.3.3, a content publishing platform. The vulnerability stems from App/Team/GET/Report.php missing a data validation filter for user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on t...

6.1CVSS5.6AI score0.00829EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2020/11/19 12:0 a.m.677 views

PESCMS TEAM 2.3.2 - Multiple Reflected XSS

Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.pescms.com/ Software Link: https://github.com/lazyphp/PESCMS-TEAM Version: PESCMS Team 2.3.2 CVE: CVE-2020-28092 PESCMS Team 2.3.2 has multiple reflected XSS via the id...

6.1CVSS6.3AI score0.02197EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/11/19 12:0 a.m.629 views

PESCMS TEAM 2.3.2 Cross Site Scripting

Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.pescms.com/ Software Link: https://github.com/lazyphp/PESCMS-TEAM Version: PESCMS Team 2.3.2 CVE: CVE-2020-28092 PESCMS Team 2.3.2 has multiple reflected XSS via the id...

6.4AI score0.02197EPSS
Exploits3
CNVD
CNVD
added 2020/11/18 12:0 a.m.15 views

PESCMS Team Cross-Site Scripting Vulnerability

PESCMS TEAM is an open source team task management system under the GPLv2 license. a cross-site scripting vulnerability exists in PESCMS Team 2.3.2. An attacker can exploit this vulnerability to conduct cross-site scripting attacks...

6.1CVSS1.9AI score0.02197EPSS
Exploits3References1
OSV
OSV
added 2020/11/17 10:15 p.m.13 views

CVE-2020-28092

PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=...

6.1CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2020/11/17 10:15 p.m.26 views

CVE-2020-28092

PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=...

6.1CVSS6.1AI score0.02197EPSS
Exploits3References2
Prion
Prion
added 2020/11/17 10:15 p.m.13 views

Cross site scripting

PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=...

4.3CVSS5.9AI score0.02197EPSS
Exploits3References2Affected Software1
CVE
CVE
added 2020/11/17 9:44 p.m.79 views

CVE-2020-28092

CVE-2020-28092 affects PESCMS Team 2.3.2 and manifests as multiple reflected XSS via the id parameter in endpoints like ?g=Team&m=Task&a=my&status=...&id= across several pages. Public references (Exploit-DB, Red Hat, CNVD, NVD, OSV, PRION, Pack et al.) corroborate the vulnerability, with exploit ...

6.1CVSS5.9AI score0.02197EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2020/11/17 9:44 p.m.29 views

CVE-2020-28092

PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=...

6AI score0.02197EPSS
Exploits3References2
CNNVD
CNNVD
added 2020/11/17 12:0 a.m.10 views

Lazyphp Pescms Team 跨站脚本漏洞

PESCMS TEAM is an open source team task management system under the GPLv2 license. a cross-site scripting vulnerability exists in PESCMS Team 2.3.2. An attacker can exploit this vulnerability to conduct cross-site scripting attacks...

6.1CVSS6.2AI score0.02197EPSS
Exploits3References4
CNVD
CNVD
added 2020/01/07 12:0 a.m.1 views

Arbitrary File Deletion Vulnerability in PESCMS Team 2.3.1

PESCMS Team is an open source team task management system written in PHP. An arbitrary file deletion vulnerability exists in PESCMS 2.3.1, which can be exploited by an attacker to delete arbitrary files after a series of operations...

7AI score
Exploits0
NVD
NVD
added 2018/09/03 12:29 a.m.13 views

CVE-2018-16370

In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive...

9.8CVSS9.8AI score0.01783EPSS
Exploits1References1
NVD
NVD
added 2018/09/03 12:29 a.m.12 views

CVE-2018-16371

PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...

6.1CVSS6.1AI score0.00707EPSS
Exploits1References1
Prion
Prion
added 2018/09/03 12:29 a.m.14 views

Cross site scripting

PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...

4.3CVSS6AI score0.00707EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/09/03 12:29 a.m.19 views

Code injection

In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive...

7.5CVSS9.7AI score0.01783EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/09/03 12:29 a.m.17 views

CVE-2018-16370

In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive...

9.8CVSS7.7AI score
Exploits0References1
OSV
OSV
added 2018/09/03 12:29 a.m.15 views

CVE-2018-16371

PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...

6.1CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added 2018/09/03 12:0 a.m.16 views

CVE-2018-16371

PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...

6.1AI score0.00707EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/09/03 12:0 a.m.17 views

CVE-2018-16370

In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive...

9.8AI score0.01783EPSS
Exploits1References1
Rows per page
Query Builder