Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

16 matches found

RedhatCVE
RedhatCVEadded 2026/04/27 7:23 p.m.4 views

CVE-2026-7014

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...

4.8CVSS3.1AI score0.00013EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/27 7:23 p.m.10 views

CVE-2026-7011

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

4.8CVSS3.1AI score0.00013EPSS
Exploits0References1
NVD
NVDadded 2026/04/26 4:16 a.m.3 views

CVE-2026-7016

A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the component ushki Plugin. Performing a manipulation of the argument fushkanew/fushk results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been made public and could...

4.8CVSS0.00039EPSS
Exploits0References7
NVD
NVDadded 2026/04/26 3:16 a.m.1 views

CVE-2026-7013

A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is some unknown functionality of the component mailsend Plugin. The manipulation of the argument fsubject/ffiles/ffrom leads to cross site scripting. The attack can be initiated remotely. The exploit has...

4.8CVSS0.00039EPSS
Exploits0References7
CVE
CVEadded 2026/04/26 3:15 a.m.6 views

CVE-2026-7016

CVE-2026-7016 concerns MaxSite CMS (up to 109.3) via the ushki Plugin. The vulnerability is a Cross-Site Scripting flaw caused by improper filtering of arguments f_ushka_new/f_ushk, allowing remote exploitation. The issue has been publicly disclosed and is exploitable in practice, with the exploi...

4.8CVSS3.5AI score0.00039EPSS
Exploits0References7
Cvelist
Cvelistadded 2026/04/26 3:15 a.m.28 views

CVE-2026-7016 MaxSite CMS ushki Plugin cross site scripting

A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the component ushki Plugin. Performing a manipulation of the argument fushkanew/fushk results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been made public and could...

4.8CVSS0.00039EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2026/04/26 2:45 a.m.3 views

CVE-2026-7015 MaxSite CMS Guestbook Plugin cross site scripting

A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument ftext/fslug/flimit/femail leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed t...

4.8CVSS3.2AI score0.00039EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/04/26 2:30 a.m.2 views

CVE-2026-7014

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...

4.8CVSS3.9AI score0.00013EPSS
Exploits0References7Affected Software1
Cvelist
Cvelistadded 2026/04/26 1:15 a.m.32 views

CVE-2026-7012 MaxSite CMS Redirect Plugin cross site scripting

A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument fall/fall404 results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to versi...

4.8CVSS0.00013EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/04/26 1:15 a.m.1 views

CVE-2026-7012

A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument fall/fall404 results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to versi...

4.8CVSS3.9AI score0.00013EPSS
Exploits0References7Affected Software1
CVE
CVEadded 2026/04/26 1:15 a.m.4 views

CVE-2026-7012

MaxSite CMS (up to 109.3) is affected in the Redirect Plugin, where manipulation of the f_all/f_all404 argument enables cross-site scripting. The vulnerability is exploitable remotely and, per sources, the exploit is public. Upgrading to version 109.4 mitigates the issue; the patch is identified ...

4.8CVSS3.3AI score0.00013EPSS
Exploits0References7
Cvelist
Cvelistadded 2026/04/26 12:30 a.m.23 views

CVE-2026-7011 MaxSite CMS Antispam Plugin plugin_antispam cross site scripting

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

4.8CVSS0.00013EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/04/26 12:30 a.m.3 views

CVE-2026-7011

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

4.8CVSS3.9AI score0.00013EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.0 views

PT-2026-35194

A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is some unknown functionality of the component mail send Plugin. The manipulation of the argument f subject/f files/f from leads to cross site scripting. The attack can be initiated remotely. The exploit...

4.8CVSS3.7AI score0.00039EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.0 views

PT-2026-35180

A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument f all/f all404 results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to...

4.8CVSS3.9AI score0.00013EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.3 views

PT-2026-35196

A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument f text/f slug/f limit/f email leads to cross site scripting. The attack may be launched remotely. The exploit has been disclos...

4.8CVSS3.8AI score0.00039EPSS
Exploits0References8
Rows per page
Query Builder