322 matches found
GHSA-VQC7-7FJ4-3FM3 REDAXO CMS is vulnerable to XSS through its module management component
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
CVE-2025-64050
A Remote Code Execution RCE vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages...
CVE-2025-64049
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
CVE-2025-64049
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
CVE-2025-64050
A Remote Code Execution RCE vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages...
REDAXO 安全漏洞
REDAXO is a content management system from REDAXO open source. A security vulnerability exists in REDAXO version 5.20.0, which stems from improper handling of the Output code field in the module management component and could lead to a stored cross-site scripting attack...
CVE-2025-64050
A Remote Code Execution RCE vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages...
PT-2025-48037
Name of the Vulnerable Software and Affected Versions REDAXO CMS version 5.20.0 Description A stored cross-site scripting XSS issue exists in the module management component of REDAXO CMS. A remote user can inject arbitrary web script or HTML through the Output code field within modules. This...
REDAXO 安全漏洞
REDAXO is a content management system from REDAXO open source. A security vulnerability exists in REDAXO version 5.20.0, which stems from a template management component that allows injection of PHP code, potentially leading to remote code execution...
CVE-2025-64050
A Remote Code Execution RCE vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages...
CVE-2025-64049
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
CVE-2025-64049
CVE-2025-64049 describes a stored XSS in REDAXO CMS 5.20.0, specifically in the module management component. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the Output code field in modules; the payload executes when a user views or edits an article that inclu...
CVE-2025-64050
The CVE describes a Remote Code Execution in REDAXO CMS (v5.20.0) tied to the template management component. An authenticated administrator can inject PHP code into an active template, leading to command execution when frontend pages render the compromised template. Impact is high (CVE metrics sh...
CVE-2025-64049
A stored cross-site scripting XSS vulnerability in the module management component in REDAXO CMS 5.20.0 allows remote users to inject arbitrary web script or HTML via the Output code field in modules. The payload is executed when a user views or edits an article by adding slice that uses the...
PT-2025-48038
Name of the Vulnerable Software and Affected Versions REDAXO CMS version 5.20.0 Description A Remote Code Execution RCE issue exists in the template management component of REDAXO CMS. A remote, authenticated administrator can execute arbitrary operating system commands by injecting PHP code into...
Exploit for CVE-2025-64049
CVE-Disclosures Welcome to the CVE disclosures section of thi...
EUVD-2018-9937
Malware in sbrugna...
EUVD-2018-9576
Malware in sbrugna...
EUVD-2018-9577
Malware in sbrugna...
EUVD-2018-9938
Malware in sbrugna...