Lucene search
K

5 matches found

CVE
CVE
added 2025/10/30 9:22 p.m.12 views

CVE-2017-20209

Nagios Fusion prior to version 4.0.1 is vulnerable to cross-site scripting (XSS) via the Users and Servers pages. The issue arises from insufficient validation or escaping of user-supplied input, potentially allowing an attacker to inject and execute arbitrary script in a victim’s browser. The pr...

6.1CVSS5.8AI score0.00471EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/11/29 5:15 a.m.6 views

CVE-2023-46886

Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template management allows arbitrary modification of the template file, allowing system sensitive files to be read...

9.1CVSS5.9AI score0.00992EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/11/29 12:0 a.m.6 views

Dreamer CMS Security Vulnerability

Dreamer CMS is a dreamer content management system developed by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS versions prior to 4.0.1, which stems from an arbitrary file download vulnerability in the attachment management office feature...

7.5CVSS6.8AI score0.00292EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/06/21 2:15 p.m.1 views

CVE-2022-31478

The UserTakeOver plugin before 4.0.1 for ILIAS allows an attacker to list all users via the search function...

4.3CVSS5.4AI score0.00616EPSS
Exploits0References4
OSV
OSV
added 2014/11/25 11:59 p.m.7 views

CVE-2014-9032

Cross-site scripting XSS vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.5AI score
Exploits0References7
Rows per page
Query Builder