Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

26 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:48 p.m.8 views

CVE-2026-10806

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS6.3AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/04 12:15 p.m.35 views

CVE-2026-10806 mjperpinosa stumasy add_post.php unrestricted upload

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00209EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.10 views

EUVD-2022-31602

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.01082EPSS
Exploits3References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-48896

Malicious code in bioql PyPI...

4.8CVSS5.3AI score0.00457EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-31851

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.01082EPSS
Exploits3References4
RedhatCVE
RedhatCVEadded 2025/05/23 7:2 a.m.6 views

CVE-2024-33442

An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addpost.php component...

4.3CVSS7.9AI score0.00632EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 1:7 a.m.6 views

CVE-2022-46058

AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...

4.8CVSS6.1AI score0.00457EPSS
Exploits1References1
NVD
NVDadded 2024/05/01 6:15 p.m.10 views

CVE-2024-33442

An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addpost.php component...

4.3CVSS7.5AI score0.00632EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/05/01 12:0 a.m.9 views

CVE-2024-33442

An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addpost.php component...

7.9AI score0.00632EPSS
Exploits1References1
CVE
CVEadded 2024/05/01 12:0 a.m.56 views

CVE-2024-33442

CVE-2024-33442 affects flusity-CMS v.2.33. The issue is a remote code execution vulnerability via the add_post.php component. The vulnerability is described across multiple sources (Red Hat, NVD, osv.dev, CVE lists) with a CVSS v3.1 base score of 4.3 (Medium), network attack vector, low attack co...

4.3CVSS7.8AI score0.00632EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2022/12/13 2:15 p.m.15 views

CVE-2022-46058

AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...

4.8CVSS6.1AI score0.00457EPSS
Exploits1References1
NVD
NVDadded 2022/12/13 2:15 p.m.23 views

CVE-2022-46058

AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...

4.8CVSS0.00457EPSS
Exploits1References1
Prion
Prionadded 2022/12/13 2:15 p.m.17 views

Cross site scripting

AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...

4.3CVSS5AI score0.00457EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/12/13 12:0 a.m.6 views

CVE-2022-46058

AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...

5.3AI score0.00457EPSS
Exploits1References1
CVE
CVEadded 2022/12/13 12:0 a.m.85 views

CVE-2022-46058

CVE-2022-46058 affects AeroCMS v0.0.1, with a cross-site scripting (XSS) vulnerability exploitable via add_post.php. The issue allows an attacker to inject a crafted payload into the Comments text field to execute arbitrary web scripts or HTML. This is documented across multiple sources (NVD, RH ...

4.8CVSS5AI score0.00457EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/12/13 12:0 a.m.30 views

CVE-2022-46058

AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...

5.2AI score0.00457EPSS
Exploits1References1
Prion
Prionadded 2022/06/02 2:15 p.m.18 views

Sql injection

elitecms 1.01 is vulnerable to SQL Injection via /admin/addpost.php...

7.5CVSS9.8AI score0.01081EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2022/05/31 4:18 p.m.81 views

CVE-2022-30813

CVE-2022-30813 affects elitecms 1.01 and is caused by a lack of input validation on the /admin/add_post.php page, enabling SQL Injection. Multiple connected sources corroborate the vulnerability and affected product/version. The NVD and other records assign a high/critical impact (CVSS v3.1: 9.8,...

9.8CVSS9.8AI score0.01081EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2022/04/08 9:15 a.m.17 views

CVE-2022-27062

AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...

4.8CVSS0.01082EPSS
Exploits3References3
OSV
OSVadded 2022/04/08 9:15 a.m.14 views

CVE-2022-27062

AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field...

4.8CVSS5.9AI score
Exploits0References3
Rows per page
Query Builder