Lucene search
K

7 matches found

CNNVD
CNNVD
added 2025/06/15 12:0 a.m.2 views

FoxCMS 注入漏洞

FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS. FoxCMS 1.2.5 and previous versions exist injection vulnerability, the vulnerability stems from the file app/admin/controller/Download.php in the parameter ids of the wrong operation leads to SQL injection...

8.8CVSS7AI score0.00361EPSS
Exploits1References5
OSV
OSV
added 2023/08/30 8:9 p.m.2 views

GHSA-8FJR-HGHR-4M99 Archive spoofing vulnerability in borgbackup

Impact A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to 1. insert files with no additional headers into backups 2. gain write acce...

6CVSS5.8AI score0.00106EPSS
Exploits0References10
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.5 views

BorgBackup 数据伪造问题漏洞

BorgBackup is an archiving program that performs deduplication through compression and encryption. A data forgery issue vulnerability exists in BorgBackup versions prior to 1.2.5, which stems from a flaw in the cryptographic authentication scheme in BorgBackup that allows an attacker to forge an...

4.7CVSS5AI score0.00106EPSS
Exploits0References7
OSV
OSV
added 2019/04/18 2:29 a.m.2 views

CVE-2019-1841

A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...

8.1CVSS7AI score0.02644EPSS
Exploits0References2
OSV
OSV
added 2019/03/11 9:29 p.m.3 views

CVE-2019-1707

A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of...

5.4CVSS6.2AI score0.00893EPSS
Exploits0References2
OSV
OSV
added 2017/04/29 7:59 p.m.1 views

DEBIAN-CVE-2017-8114

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...

8.8CVSS7AI score0.03471EPSS
Exploits1References1
CNVD
CNVD
added 2017/04/26 12:0 a.m.2 views

WordPress Easy WP SMTP Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language that allows users to set up their own websites on servers that support PHP and MySQL databases. WordPress can also be used as a content management system CMS. A cross-site scripting vulnerability exists in WordPress Easy WP SMTP...

6.1CVSS5.8AI score0.00775EPSS
Exploits0References1
Rows per page
Query Builder