Lucene search
K

27 matches found

CNNVD
CNNVD
added 2025/12/23 12:0 a.m.3 views

PuneethReddyHC Event Management 安全漏洞

PuneethReddyHC Event Management is an application by Puneeth Reddy H C Individual Developer. Helps users to register for events organized in university festivals with simple logic and security. A security vulnerability exists in PuneethReddyHC Event Management version 1.0, which stems from...

9.8CVSS7.7AI score0.00476EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/10/06 12:0 a.m.5 views

IdeaCMS 命令注入漏洞

IdeaCMS is an open source shopping mall system by IdeaCMS. A command injection vulnerability exists in IdeaCMS 1.8 and earlier versions, which stems from incorrect manipulation of the parameter site name in the file app/common/logic/admin/Config.php, which could lead to a command injection attack...

7.2CVSS5.2AI score0.17354EPSS
Exploits1References4
CNVD
CNVD
added 2025/06/11 12:0 a.m.2 views

Traffic Offense Reporting System save-settings.php file cross-site scripting vulnerability

Traffic Offense Reporting System is a traffic violation reporting system. Traffic Offense Reporting System suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied data by the sitename parameter in the save-settings.php file...

5.4CVSS6.4AI score0.00268EPSS
Exploits1References1
OSV
OSV
added 2025/06/05 2:15 p.m.5 views

CVE-2025-5661

A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part of the file /save-settings.php of the component Setting Handler. The manipulation of the argument sitename leads to cross site scripting. It is...

5.4CVSS3.7AI score0.00268EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/06/05 12:0 a.m.4 views

Code-Projects Traffic Offense Reporting System 代码注入漏洞

Traffic Offense Reporting System is a traffic violation reporting system. Traffic Offense Reporting System suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied data by the sitename parameter in the save-settings.php file...

5.4CVSS4AI score0.00268EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/06/05 12:0 a.m.10 views

PT-2025-23932

Name of the Vulnerable Software and Affected Versions code-projects Traffic Offense Reporting System version 1.0 Description A problematic issue was found in the code-projects Traffic Offense Reporting System, affecting the /save-settings.php file of the Setting Handler component. The manipulatio...

5.4CVSS2.9AI score0.00268EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/22 8:34 p.m.4 views

CVE-2021-38710

Static Persistent XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITENAME parameter...

6.1CVSS6.4AI score0.00636EPSS
Exploits0References1
Prion
Prion
added 2023/10/26 11:15 p.m.21 views

Directory traversal

Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName parameter...

4.6CVSS7.5AI score0.00787EPSS
Exploits1References1
OSV
OSV
added 2022/10/12 10:15 a.m.3 views

CVE-2022-3464

A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file /admin/settings.php. The manipulation of the argument sitename leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this...

6.1CVSS3.9AI score0.00532EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/12 12:0 a.m.6 views

PT-2022-22262 · Puppycms · Puppycms

Name of the Vulnerable Software and Affected Versions: puppyCMS versions up to 5.1 Description: A problematic issue has been found in puppyCMS, affecting an unknown part of the file /admin/settings.php. The manipulation of the site name argument leads to cross-site scripting. It is possible to...

6.1CVSS6AI score0.00532EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/10/12 12:0 a.m.5 views

puppyCMS 跨站脚本漏洞

puppetCMS is a software application. A flat file CMS. A security vulnerability exists in puppyCMS versions prior to 5.1, which originates in an unknown section of the file /admin/settings.php, where the action parameter sitename leads to cross-site scripting XSS...

6.1CVSS5.7AI score0.00532EPSS
Exploits0References2
OSV
OSV
added 2021/08/18 3:15 p.m.3 views

CVE-2021-38710

Static Persistent XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITENAME parameter...

6.1CVSS5.8AI score0.00636EPSS
Exploits0References1
NVD
NVD
added 2021/08/18 3:15 p.m.16 views

CVE-2021-38710

Static Persistent XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITENAME parameter...

6.1CVSS0.00636EPSS
Exploits0References1
Prion
Prion
added 2021/08/18 3:15 p.m.12 views

Cross site scripting

Static Persistent XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITENAME parameter...

4.3CVSS6AI score0.00636EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/08/18 12:0 a.m.3 views

Github yclas 跨站脚本漏洞

Github yclas is a powerful script that can convert any domain into a fully customizable classified ads site in seconds. A cross-site scripting vulnerability exists in Yclas version 4.3.0, which stems from the fact that the software's install/view/form.php does not validate and escape the SITENAME...

6.1CVSS5.9AI score0.00636EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/01 12:0 a.m.2 views

baigo CMS Cross-Site Scripting Vulnerability

baigo CMS is a PHP-based open source web content management system. A cross-site scripting vulnerability exists in baigo CMS 2.1.1. A remote attacker can use this vulnerability to inject arbitrary Web script or HTML via the optbaseBGSITENAME parameter of the bgconsole/index.php?m=opt&c=request UR...

6.1CVSS6.1AI score0.01105EPSS
Exploits1References1
OSV
OSV
added 2019/02/28 2:29 p.m.2 views

CVE-2019-9226

An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the optbaseBGSITENAME parameter to the bgconsole/index.php?m=opt&c=request URI...

6.1CVSS6.5AI score0.01105EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/29 12:0 a.m.4 views

DouCo DouPHP Cross-Site Scripting Vulnerability (CNVD-2019-00996)

DouCo DouPHP is a lightweight open source CMS Content Management System based on PHP and MySQL. A cross-site scripting vulnerability exists in admin/system.php?rec=update in DouCo DouPHP version 1.5 20181221. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

4.8CVSS6AI score0.00534EPSS
Exploits1References1
NVD
NVD
added 2018/12/28 4:29 p.m.17 views

CVE-2018-20558

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php?rec=update has XSS via the sitename parameter...

4.8CVSS4.9AI score0.00534EPSS
Exploits1References1
OSV
OSV
added 2018/12/28 4:29 p.m.2 views

CVE-2018-20558

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php?rec=update has XSS via the sitename parameter...

4.8CVSS5.8AI score0.00534EPSS
Exploits1References1
Rows per page
Query Builder