24 matches found
EUVD-2022-31851
Malicious code in bioql PyPI...
EUVD-2022-31602
Malicious code in bioql PyPI...
EUVD-2022-48896
Malicious code in bioql PyPI...
CVE-2024-33442
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addpost.php component...
CVE-2022-46058
AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...
CVE-2024-33442
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addpost.php component...
CVE-2024-33442
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addpost.php component...
CVE-2024-33442
CVE-2024-33442 affects flusity-CMS v.2.33. The issue is a remote code execution vulnerability via the add_post.php component. The vulnerability is described across multiple sources (Red Hat, NVD, osv.dev, CVE lists) with a CVSS v3.1 base score of 4.3 (Medium), network attack vector, low attack co...
CVE-2022-46058
AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...
CVE-2022-46058
AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...
Cross site scripting
AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...
CVE-2022-46058
CVE-2022-46058 affects AeroCMS v0.0.1, with a cross-site scripting (XSS) vulnerability exploitable via add_post.php. The issue allows an attacker to inject a crafted payload into the Comments text field to execute arbitrary web scripts or HTML. This is documented across multiple sources (NVD, RH ...
CVE-2022-46058
AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...
CVE-2022-46058
AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...
Sql injection
elitecms 1.01 is vulnerable to SQL Injection via /admin/addpost.php...
CVE-2022-30813
CVE-2022-30813 affects elitecms 1.01 and is caused by a lack of input validation on the /admin/add_post.php page, enabling SQL Injection. Multiple connected sources corroborate the vulnerability and affected product/version. The NVD and other records assign a high/critical impact (CVSS v3.1: 9.8,...
CVE-2022-27062
AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...
CVE-2022-27062
AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...
CVE-2022-27062
AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...
Cross site scripting
AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...