Lucene search
K

35 matches found

Vulnrichment
Vulnrichment
added 2024/04/11 12:0 a.m.8 views

CVE-2024-30879

Reflected Cross Site Scripting XSS vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the boxId parameter in the image cropping function...

5.9AI score0.00439EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/04/11 12:0 a.m.3 views

RageFrame2 安全漏洞

rageframe2 is a rapid development application engine based on the Yii2 advanced framework by an individual developer in China, jianyan74. A security vulnerability exists in RageFrame2 version v2.6.43, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that could...

5.4CVSS5.6AI score0.00411EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/04/11 12:0 a.m.13 views

PT-2024-23651 · Unknown · Rageframe2

Name of the Vulnerable Software and Affected Versions: RageFrame2 version 2.6.43 Description: A cross-site scripting XSS issue allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the upload drive parameter...

6.1CVSS6.4AI score0.00408EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/08/16 1:15 p.m.13 views

CVE-2022-36530

An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page...

6.1CVSS6.4AI score0.00707EPSS
Exploits1References6
NVD
NVD
added 2022/08/16 1:15 p.m.15 views

CVE-2022-36530

An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page...

6.1CVSS0.00707EPSS
Exploits1References3
Prion
Prion
added 2022/08/16 1:15 p.m.17 views

Code injection

An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page...

5.8CVSS6AI score0.00707EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/08/16 12:39 p.m.18 views

CVE-2022-36530

An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page...

6.1AI score0.00707EPSS
Exploits1References3
OSV
OSV
added 2022/08/16 12:39 p.m.17 views

CVE-2022-36530

An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page...

6.1CVSS6AI score0.00707EPSS
Exploits1References6
CVE
CVE
added 2022/08/16 12:39 p.m.69 views

CVE-2022-36530

CVE-2022-36530 affects rageframe2 version 2.6.37, describing an XSS vulnerability in the user agent related parameters of the info.php page. The cited sources consistently indicate this is a cross-site scripting issue, but do not provide explicit exploit details, affected build ranges beyond 2.6....

6.1CVSS5.9AI score0.00707EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.3 views

rageframe2 跨站脚本漏洞

rageframe2 is a rapid development application engine based on the Yii2 Advanced Framework by the individual developer Jianyan74. A security vulnerability exists in rageframe2 version 2.6.37, which is caused by an XSS vulnerability in the user-agent related parameters of the info.php page...

6.1CVSS6.2AI score0.00707EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/08/16 12:0 a.m.6 views

PT-2022-23450 · Unknown · Rageframe2

Name of the Vulnerable Software and Affected Versions: rageframe2 version 2.6.37 Description: An issue was discovered in the user agent related parameters of the info.php page, specifically a XSS vulnerability. Recommendations: For rageframe2 version 2.6.37, consider restricting access to the...

6.1CVSS6AI score0.00707EPSS
Exploits1References8
NVD
NVD
added 2021/05/18 3:15 p.m.15 views

CVE-2020-24026

TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explainfirst and againexplain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scriptin...

6.1CVSS0.00945EPSS
Exploits1References3
OSV
OSV
added 2021/05/18 3:15 p.m.13 views

CVE-2020-24026

TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explainfirst and againexplain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scriptin...

6.1CVSS5AI score
Exploits0References3
Cvelist
Cvelist
added 2021/05/18 2:23 p.m.22 views

CVE-2020-24026

TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explainfirst and againexplain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scriptin...

5.9AI score0.00945EPSS
Exploits1References3
CVE
CVE
added 2021/05/18 2:23 p.m.35 views

CVE-2020-24026

CVE-2020-24026 concerns TinyShop 1.2.0 (RageFrame2). The vulnerability is a stored XSS via the explain_first and again_explain parameters of /evaluate/index.php, allowing remote exploitation that can lead to XSS or information disclosure. All concrete details provided relate to TinyShop’s version...

6.1CVSS5.8AI score0.00945EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder