Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

25 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-2374

Malware in sbrugna...

8.1CVSS8AI score0.00101EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-2218

Malware in sbrugna...

5.4CVSS5.4AI score0.00319EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/09/27 12:48 a.m.6 views

CVE-2025-57692

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

6.8CVSS6.4AI score0.00077EPSS
Exploits3References1
OSV
OSVadded 2025/09/26 8:15 p.m.1 views

CVE-2025-57692

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

6.8CVSS6.5AI score0.00077EPSS
Exploits3References2
Cvelist
Cvelistadded 2025/09/26 12:0 a.m.5 views

CVE-2025-57692

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

0.00077EPSS
Exploits3References2
Positive Technologies
Positive Technologiesadded 2025/09/26 12:0 a.m.2 views

PT-2025-39678

Name of the Vulnerable Software and Affected Versions PiranhaCMS version 12.0 Description The software contains a stored cross-site scripting XSS issue in the Text content block of Standard and Standard Archive Pages. This allows for the execution of arbitrary JavaScript in another user's browser...

6.8CVSS5.7AI score0.00077EPSS
Exploits3References11
CVE
CVEadded 2025/09/26 12:0 a.m.10 views

CVE-2025-57692

Affected software: PiranhaCMS 12.0 (self-hosted CMS). Vulnerability: Stored Cross-Site Scripting in the Text content block of Standard and Standard Archive Pages, exploitable via /manager/pages. Root cause (as per sources): Insufficient input filtering allowing stored XSS. Impact: Allows executio...

6.8CVSS6AI score0.00077EPSS
Exploits3References2Affected Software1
RedhatCVE
RedhatCVEadded 2025/05/22 9:37 p.m.4 views

CVE-2021-25976

In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery CSRF when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known...

8.1CVSS6.8AI score0.00101EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/22 7:27 p.m.5 views

CVE-2021-25977

In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS due to the page title improperly sanitized. By creating a page with a specially crafted page title, a low privileged user can trigger arbitrary JavaScript execution...

5.4CVSS5.7AI score0.00319EPSS
Exploits0
CNVD
CNVDadded 2021/11/22 12:0 a.m.12 views

PiranhaCMS cross-site request forgery vulnerability

PiranhaCms is a friendly editor-centric Cms for use with .Net5 for integration with Cms or headless Api. posts, deleting media folders, etc., a check for cross-site request forgery is missing. No detailed vulnerability details are available at this time...

8.1CVSS3.1AI score0.00101EPSS
Exploits0References1
OSV
OSVadded 2021/11/17 11:42 p.m.13 views

GHSA-PPQ7-88C7-Q879 Cross-Site Request Forgery in PiranhaCMS

In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery CSRF when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known...

8.1CVSS8.1AI score0.00101EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2021/11/17 11:42 p.m.31 views

Cross-Site Request Forgery in PiranhaCMS

In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery CSRF when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known...

8.1CVSS4.1AI score0.00101EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2021/11/16 9:15 a.m.6 views

CVE-2021-25976

In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery CSRF when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known...

8.1CVSS0.00101EPSS
Exploits0References2
OSV
OSVadded 2021/11/16 9:15 a.m.11 views

CVE-2021-25976

In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery CSRF when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known...

8.1CVSS6.8AI score0.00101EPSS
Exploits0References2
Prion
Prionadded 2021/11/16 9:15 a.m.10 views

Cross site request forgery (csrf)

In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery CSRF when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known...

4CVSS8AI score0.00101EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2021/11/16 9:5 a.m.60 views

CVE-2021-25976

CVE-2021-25976 affects PiranhaCMS, with versions 4.0.0-alpha1 to 9.2.0 susceptible to Cross-Site Request Forgery (CSRF) when performing actions supported by the management system (e.g., deleting a user, deleting a role, editing a post, deleting a media folder) if an ID is known. The vulnerability...

8.1CVSS8.1AI score0.00101EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2021/11/16 12:0 a.m.3 views

PiranhaCms 跨站请求伪造漏洞

PiranhaCms is a friendly editor-centric Cms for use with .Net5 for integration with Cms or headless Api. posts, deleting media folders, etc., a check for cross-site request forgery is missing. No detailed vulnerability details are available at this time...

8.1CVSS5.3AI score0.00101EPSS
Exploits0References3
CNVD
CNVDadded 2021/10/28 12:0 a.m.18 views

PiranhaCMS Cross-Site Scripting Vulnerability

PiranhaCms is a friendly editor-centric Cms for use with .Net5 for integrating Cms or headless Api. A cross-site scripting vulnerability exists in PiranhaCMS versions 7.0.0 through 9.1.1, which stems from page headers that are not properly cleaned and are vulnerable to stored XSS attacks, and can...

5.4CVSS3AI score0.00319EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2021/10/27 6:53 p.m.23 views

Cross-site Scripting in PiranhaCMS

In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS due to the page title improperly sanitized. By creating a page with a specially crafted page title, a low privileged user can trigger arbitrary JavaScript execution...

5.4CVSS4.5AI score0.00319EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2021/10/27 6:53 p.m.14 views

GHSA-JVJP-VH27-R9H5 Cross-site Scripting in PiranhaCMS

In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS due to the page title improperly sanitized. By creating a page with a specially crafted page title, a low privileged user can trigger arbitrary JavaScript execution...

5.4CVSS5.2AI score0.00319EPSS
Exploits0References4
Rows per page
Query Builder