Lucene search
+L

43 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-23976

Malware in sbrugna...

5.4CVSS5.5AI score0.00562EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/22 4:39 p.m.14 views

CVE-2020-36492

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component selectmedia.php via the activepath, keyword, tag, fmdo=x, CKEditor and CKEditorFuncNum parameters...

5.4CVSS6.4AI score0.00562EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 4:39 p.m.11 views

CVE-2020-36491

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component tagsmain.php via the activepath, keyword, tag, fmdo=x, CKEditor and CKEditorFuncNum parameters...

5.4CVSS6.4AI score0.00562EPSS
Exploits1
osv
osv
added 2024/11/14 3:15 p.m.5 views

CVE-2024-11210

A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the argument activepath leads to path traversal. The attack may be initiated remotely. The exploit has...

5.4CVSS5.5AI score0.00622EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2024/11/14 12:0 a.m.6 views

PT-2024-16828 · Eyoucms · Eyoucms

Name of the Vulnerable Software and Affected Versions: EyouCMS version 1.51 Description: A critical issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the argument activepath leads to path traversal. The attack may be initiated...

5.5CVSS5.8AI score0.00622EPSS
Exploits1References10
cvelist
cvelist
added 2024/08/23 12:0 a.m.22 views

CVE-2024-42636

DedeCMS V5.7.115 has a command execution vulnerability via filemanageview.php?fmdo=newfile&activepath...

0.0086EPSS
Exploits0References1
osv
osv
added 2023/09/27 3:19 p.m.4 views

CVE-2023-43234

DedeBIZ v6.2.11 was discovered to contain multiple remote code execution RCE vulnerabilities at /admin/filemanagecontrol.php via the $activepath and $filename parameters...

9.8CVSS6.4AI score0.00997EPSS
Exploits0References4
attackerkb
attackerkb
added 2023/09/27 3:19 p.m.5 views

CVE-2023-43234

DedeBIZ v6.2.11 was discovered to contain multiple remote code execution RCE vulnerabilities at /admin/filemanagecontrol.php via the $activepath and $filename parameters...

9.8CVSS7.8AI score0.00997EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2023/09/26 12:0 a.m.6 views

PT-2023-28740 · Dedebiz · Dedebiz

Name of the Vulnerable Software and Affected Versions: DedeBIZ version 6.2.11 Description: The issue concerns multiple remote code execution RCE vulnerabilities. These vulnerabilities are located at the "/admin/file manage control.php" API endpoint via the $activepath and $filename parameters...

9.8CVSS8AI score0.00997EPSS
Exploits0References7
osv
osv
added 2023/09/17 6:15 a.m.4 views

CVE-2023-5022

A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /include/dialog/selecttempletspost.php. The manipulation of the argument activepath leads to absolute path traversal. The associated identifie...

8.8CVSS5.5AI score0.00705EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/09/17 12:0 a.m.4 views

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has content publishing, content management, content editing and content retrieval functions. A security vulnerability exists in...

8.8CVSS6.8AI score0.00705EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2023/09/16 12:0 a.m.8 views

PT-2023-31501 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS versions up to 5.7.100 Description: A critical issue has been found in DedeCMS, affecting an unknown functionality of the file /include/dialog/select templets post.php. The manipulation of the activepath argument leads to absolute pat...

8.8CVSS5.9AI score0.00705EPSS
Exploits0References6
osv
osv
added 2023/01/20 7:15 p.m.3 views

CVE-2022-45539

EyouCMS = 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file...

6.1CVSS5.8AI score0.00418EPSS
Exploits1References1
prion
prion
added 2023/01/20 7:15 p.m.23 views

Cross site scripting

EyouCMS = 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file...

5.8CVSS6.2AI score0.00418EPSS
Exploits1References1Affected Software1
cnnvd
cnnvd
added 2023/01/20 12:0 a.m.5 views

EyouCMS 跨站脚本漏洞

Zanzan Network Technology EyouCms Eyou CMS is an open source content management system CMS based on ThinkPHP by China Zanzan Network Technology Company. A cross-site scripting vulnerability exists in EyouCMS version 1.6.0 and earlier versions, which originates from the activepath GET parameter of...

6.1CVSS5.8AI score0.00418EPSS
Exploits1References2
cvelist
cvelist
added 2023/01/20 12:0 a.m.43 views

CVE-2022-45539

EyouCMS = 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file...

6.5AI score0.00418EPSS
Exploits1References1
cnvd
cnvd
added 2021/10/25 12:0 a.m.28 views

DedeCMS Cross-Site Scripting Vulnerability (CNVD-2021-81102)

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via activepath, keyword, tag,...

5.4CVSS5.3AI score0.00562EPSS
Exploits1References1
cnvd
cnvd
added 2021/10/25 12:0 a.m.23 views

DedeCMS Cross-Site Scripting Vulnerability (CNVD-2021-81100)

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...

5.4CVSS5.3AI score0.00562EPSS
Exploits1References1
cnvd
cnvd
added 2021/10/25 12:0 a.m.20 views

DedeCMS Cross-Site Scripting Vulnerability (CNVD-2021-81101)

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...

5.4CVSS5.3AI score0.00562EPSS
Exploits1References1
cnvd
cnvd
added 2021/10/25 12:0 a.m.26 views

DedeCMS Cross-Site Scripting Vulnerability (CNVD-2021-81097)

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...

5.4CVSS5.3AI score0.00562EPSS
Exploits1References1
Rows per page
Query Builder