Lucene search
K

28 matches found

Cvelist
Cvelist
added 2023/01/20 12:0 a.m.29 views

CVE-2021-26642 XpressEngine file upload vulnerability

When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is...

8.8CVSS9.8AI score0.01162EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/02/09 12:0 a.m.5 views

XpressEngine 跨站脚本漏洞

XpressEngine XE is a CMS Content Management System that allows anyone to publish content easily, conveniently and freely. With an open source license, anyone can use or modify it, and as an open project, anyone can participate in its development. XE suffers from a security vulnerability that stem...

5.4CVSS6AI score0.00569EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/02/09 12:0 a.m.8 views

XpressEngine 跨站脚本漏洞

XpressEngine is a CMS Content Management System that allows anyone to publish content easily, conveniently and freely. A security vulnerability exists in XpressEngine, which stems from the fact that in XE 1.116, there is no restriction on file extensions when uploading a Normal button. An attacke...

5.4CVSS5.9AI score0.00487EPSS
Exploits1References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

XpressEngine 1.4.5.7 Persistent XSS Vulnerability

No description provided by source. Exploit Title: XpressEngine version 1.4.5.7 Persistent XSS Vulnerability Date: 2011.08.08 Author: v0nSch3lling Software Link: http://www.xpressengine.com Version: 1.4.5.7 Tested on: Microsoft Windows XP SP2 Case 1. Memeber ManagementDelete Account - Target :...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/08/08 12:0 a.m.12 views

XpressEngine 1.4.5.7 - Persistent Cross-Site Scripting

XpressEngine 1.4.5.7 - Persistent Cross-Site Scripting Exploit Title: XpressEngine version 1.4.5.7 Persistent XSS Vulnerability Date: 2011.08.08 Author: v0nSch3lling Software Link: http://www.xpressengine.com Version: 1.4.5.7 Tested on: Microsoft Windows XP SP2 Case 1. Memeber ManagementDelete...

6.8AI score
Exploits0
0day.today
0day.today
added 2011/08/08 12:0 a.m.29 views

XpressEngine 1.4.5.7 Persistent XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: XpressEngine version 1.4.5.7 Persistent XSS Vulnerability Date: 2011.08.08 Author: v0nSch3lling Software Link: http://www.xpressengine.com Version: 1.4.5.7 Tested on: Microsoft Windows XP SP2 Case 1. Memeber ManagementDelete...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/08/08 12:0 a.m.22 views

XpressEngine 1.4.5.7 - Persistent Cross-Site Scripting

Exploit Title: XpressEngine version 1.4.5.7 Persistent XSS Vulnerability Date: 2011.08.08 Author: v0nSch3lling Software Link: http://www.xpressengine.com Version: 1.4.5.7 Tested on: Microsoft Windows XP SP2 Case 1. Memeber ManagementDelete Account - Target : Memeber Management...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/09/04 12:0 a.m.16 views

ZeroBoard 4.1 pl7 - now_connect() Remote Code Execution

ZeroBoard 4.1 pl7 - nowconnect Remote Code Execution / poc by kyoungchip,jang email : [email protected] the bug - http://www.xpressengine.com/15955761 Application - Zeroboard 4.1 pl7 Reference: - http://www.nzeo.com - Zeroboard pregreplace vulnerability Remote nobody exploit by n0gada Targe...

Exploits0
Rows per page
Query Builder