Lucene search
K

24 matches found

Nuclei
Nuclei
added 16 hours ago26 views

ZZcms - Cross-Site Scripting

ZZcms 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript code in the referer header via user/login.php, which can allow theft of cookie-based credentials and launch of subsequent attacks. id: CVE-2020-20285 info: name: ZZcms -...

5.4CVSS6.2AI score0.01552EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/19 5:25 p.m.12 views

AVideo has an Open Redirect via Unvalidated redirectUri in userLogin.php

Summary WWBN/AVideo contains an open redirect vulnerability in the login flow where a user-supplied redirectUri parameter is reflected directly into a JavaScript document.location assignment without JavaScript-safe encoding. After a user completes the login popup flow, a timer callback executes t...

6.1CVSS5.7AI score0.0019EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 11:24 a.m.6 views

CVE-2021-31631

b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery CSRF via the User login page. This vulnerability allows attackers to escalate privileges...

8.8CVSS7.6AI score0.00537EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.6 views

PT-2025-50766

Name of the Vulnerable Software and Affected Versions KodExplorer version 4.52 Description KodExplorer 4.52 contains an open redirect issue in the user login page. Attackers can manipulate the link parameter to redirect users to arbitrary external websites after authentication. The vulnerable...

5.3CVSS6.7AI score0.00278EPSS
Exploits1References6
NVD
NVD
added 2025/11/17 6:15 p.m.6 views

CVE-2024-44653

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the useremail parameter in userlogin.php...

6.5CVSS0.00215EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.12 views

ZenTao多款产品 安全漏洞

ZenTao Biz and others are a project management software from the Chinese company ZenTao. A security vulnerability exists in several ZenTao products, which stems from insufficient validation of the parameter account in the file /zentao/user-login.html, which could lead to an SQL injection attack...

8.7CVSS7.5AI score0.00402EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-13072

Malware in sbrugna...

5.4CVSS5.6AI score0.01552EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-18520

Malware in sbrugna...

8.8CVSS8.7AI score0.00537EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-1989

Malware in sbrugna...

4.3CVSS6.4AI score0.01066EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 3:17 p.m.6 views

CVE-2020-20285

There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php...

5.4CVSS6.2AI score0.01552EPSS
Exploits1
OSV
OSV
added 2023/09/24 10:15 p.m.6 views

CVE-2023-5142

A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of th...

5.3CVSS4.5AI score0.02317EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2023/06/13 12:0 a.m.250 views

Piyanas 0.1 Cross Site Request Forgery

==================================================================================================================================== | Title : Piyanas v0.1 User Login Page CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | ...

7.1AI score
Exploits0
OSV
OSV
added 2021/12/06 10:15 p.m.16 views

CVE-2021-31631

b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery CSRF via the User login page. This vulnerability allows attackers to escalate privileges...

8.8CVSS7.5AI score
Exploits0References1
NVD
NVD
added 2021/12/06 10:15 p.m.15 views

CVE-2021-31631

b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery CSRF via the User login page. This vulnerability allows attackers to escalate privileges...

8.8CVSS0.00537EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/12/06 9:3 p.m.14 views

CVE-2021-31631

b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery CSRF via the User login page. This vulnerability allows attackers to escalate privileges...

9.1AI score0.00537EPSS
Exploits1References1
NVD
NVD
added 2020/12/30 7:15 p.m.24 views

CVE-2020-29228

EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affected by SQL injection in the User Login Page...

7.5CVSS8AI score0.01161EPSS
Exploits2References2
Cvelist
Cvelist
added 2020/12/18 6:20 p.m.21 views

CVE-2020-20285

There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php...

5.4AI score0.01552EPSS
Exploits1References1
CVE
CVE
added 2020/12/18 6:20 p.m.74 views

CVE-2020-20285

ZZCMS 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript via the referer header in user/login.php, as documented by the Nuclei template for CVE-2020-20285. Impact per the connected sources includes potential theft of cookies and ...

5.4CVSS5.3AI score0.01552EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2020/12/18 12:0 a.m.6 views

ZZCMS 跨站脚本漏洞

ZZCMS is the content management system of Webmaster Merchants. A cross-site scripting vulnerability exists in the user login page of zzcms 2019. An attacker can exploit this vulnerability by injecting js code via user/login.php via the referer header...

5.4CVSS6AI score0.01552EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.481 views

EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF

Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF Date: 01-12-2020 Exploit Author: Hardik Solanki Vendor Homepage: http://egavilanmedia.com Software Link:...

7.4AI score
Exploits0
Rows per page
Query Builder