Lucene search
K

31 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:6 a.m.10 views

CVE-2022-2740

A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attack can be initiate...

9.8CVSS7.2AI score0.00577EPSS
Exploits0References1
0day.today
0day.today
added 2023/03/30 12:0 a.m.227 views

Shoplazza 1.1 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Shoplazza 1.1 - Stored Cross-Site Scripting XSS Exploit Author: Andrey Stoykov Software Link: https://github.com/Shoplazza/LifeStyle Version: 1.1 Tested on: Ubuntu 20.04 Stored XSS 1: To reproduce do the following: 1. Login as normal user account 2. Browse "Blog Posts" - "Manage...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/30 12:0 a.m.134 views

Shoplazza 1.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Shoplazza 1.1 - Stored Cross-Site Scripting XSS Exploit Author: Andrey Stoykov Software Link: https://github.com/Shoplazza/LifeStyle Version: 1.1 Tested on: Ubuntu 20.04 Stored XSS 1: To reproduce do the following: 1. Login as normal user account 2. Browse "Blog Posts" - "Manage...

7.4AI score
Exploits0
OSV
OSV
added 2022/12/18 11:15 a.m.5 views

CVE-2022-4596

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

5.4CVSS3.9AI score0.00581EPSS
Exploits1References3
NVD
NVD
added 2022/12/18 11:15 a.m.20 views

CVE-2022-4596

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

5.4CVSS0.00581EPSS
Exploits1References3
Prion
Prion
added 2022/12/18 11:15 a.m.18 views

Cross site scripting

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

4.9CVSS5.3AI score0.00581EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/18 12:0 a.m.6 views

CVE-2022-4596 Shoplazza Add Blog Post cross site scripting

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

3.5CVSS4.1AI score0.00581EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/12/18 12:0 a.m.5 views

PT-2022-27700 · Shoplazza · Shoplazza

Name of the Vulnerable Software and Affected Versions: Shoplazza version 1.1 Description: A problematic issue has been found in the processing of the file "/admin/api/admin/articles/" of the component Add Blog Post Handler. The manipulation of the Title argument leads to cross-site scripting. The...

5.4CVSS5.1AI score0.00581EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2022/12/14 12:0 a.m.185 views

Shoplazza 1.1 Cross Site Scripting

Exploit Title: Shoplazza 1.1 - Stored Cross Site Scripting Exploit Author: Andrey Stoykov Software Link: https://github.com/Shoplazza/LifeStyle Version: 1.1 Tested on: Ubuntu 20.04 Stored XSS 1: To reproduce do the following: 1. Login as normal user account 2. Browse "Blog Posts" - "Manage Blogs"...

Exploits0
Cvelist
Cvelist
added 2022/08/11 4:55 a.m.20 views

CVE-2022-2740 SourceCodester Company Website CMS Add Blog add-blog.php unrestricted upload

A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attack can be initiate...

6.3CVSS9.8AI score0.00577EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/08/11 12:0 a.m.4 views

Company Website CMS 代码问题漏洞

Company Website CMS is a company website/CMS by Torrahclef Individual Developer. Company Website CMS suffers from a code issue vulnerability that stems from an unrestricted upload due to the manipulation of the parameter ufile in an unknown portion of code in its add blog content component...

9.8CVSS8.3AI score0.00577EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/08/09 12:0 a.m.5 views

Company Website CMS 跨站脚本漏洞

Company Website CMS is a company website/CMS by Torrahclef Personal Developer. Company Website CMS suffers from a cross-site scripting vulnerability that stems from some unknown functionality in the file add-blog.php being affected, resulting in cross-site scripting, where attacks can be launched...

6.1CVSS5.7AI score0.00403EPSS
Exploits0References2
OSV
OSV
added 2022/05/14 3:25 a.m.16 views

GHSA-M2R2-QC49-GQW4 Gleez CMS Stored XSS

Cross-site scripting XSS vulnerability in Gleez CMS 1.2.0 and 2.0 might allow remote attackers users to inject JavaScript via HTML content in an editor, which will result in Stored XSS when an Administrator tries to edit the same content, as demonstrated by use of the source editor for HTML mode ...

5.4CVSS5.3AI score0.0098EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/05/14 3:25 a.m.24 views

Gleez CMS Stored XSS

Cross-site scripting XSS vulnerability in Gleez CMS 1.2.0 and 2.0 might allow remote attackers users to inject JavaScript via HTML content in an editor, which will result in Stored XSS when an Administrator tries to edit the same content, as demonstrated by use of the source editor for HTML mode ...

5.4CVSS5.5AI score0.0098EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/01/20 12:15 a.m.5 views

CVE-2021-46026

mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting XSS via the add blog tag function in the blog tag in the background blog management...

5.4CVSS5.8AI score0.00441EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/01/20 12:15 a.m.5 views

CVE-2021-46026

mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting XSS via the add blog tag function in the blog tag in the background blog management...

5.4CVSS5.9AI score0.00441EPSS
Exploits1References2
Prion
Prion
added 2022/01/20 12:15 a.m.16 views

Cross site scripting

mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting XSS via the add blog tag function in the blog tag in the background blog management...

3.5CVSS5.2AI score0.00441EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/19 11:4 p.m.16 views

CVE-2021-46026

mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting XSS via the add blog tag function in the blog tag in the background blog management...

5.5AI score0.00441EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/01/19 12:0 a.m.6 views

PT-2022-12511 · Unknown · Mysiteforme

Name of the Vulnerable Software and Affected Versions: mysiteforme affected versions not specified Description: The issue concerns a Cross Site Scripting XSS vulnerability via the add blog tag function in the background blog management. This allows for potential malicious script execution...

5.4CVSS6AI score0.00441EPSS
Exploits1References3
OSV
OSV
added 2018/09/04 4:29 a.m.4 views

CVE-2018-16449

OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a blog via admin.php?s=/Article/update.html, and setting the audit state via admin.php?s=/Article/setStatus/status/1.html...

6.5CVSS5.8AI score0.00556EPSS
Exploits1References1
Rows per page
Query Builder