CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

403 matches found

OSV•added 2024/08/12 5:15 p.m.•1 views

CVE-2024-42623

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/layout/delete/1...

8.8CVSS5.8AI score0.00279EPSS

Exploits1References1

OSV•added 2024/08/12 4:15 p.m.•1 views

CVE-2024-42629

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/page/edit/10...

8.8CVSS5.8AI score0.00212EPSS

Exploits1References1

CNNVD•added 2024/08/06 12:0 a.m.•4 views

PayPal,Credit Card and Debit Card Payment 跨站脚本漏洞

PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe Personal Developer. A cross-site scripting vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can create a specially crafted URL and send it to the...

7.1CVSS6.1AI score0.00267EPSS

Exploits0References2

Positive Technologies•added 2024/07/29 12:0 a.m.•2 views

PT-2024-38159 · Sourcecodester · Sourcecodester Complaint Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Complaints Report Management System version 1.0 Description: A critical issue affects some unknown functionality of the file /admin/manage complaint.php, where the manipulation of the id argument leads to sql injection. The...

8.8CVSS7.2AI score0.00532EPSS

Exploits1References8

CNNVD•added 2024/07/29 12:0 a.m.•2 views

Complaints Report Management System SQL注入漏洞

Complaints Report Management System is a Complaints Report Management System by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Complaints Report Management System version 1.0, which is caused by an SQL injection vulnerability in the id parameter of the...

8.8CVSS7AI score0.00532EPSS

Exploits1References5

Vulnrichment•added 2024/07/12 12:0 a.m.•9 views

CVE-2024-40543

PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery SSRF via the component /admin/ueditor?action=catchimage...

7.6AI score0.00302EPSS

Exploits1References1

OSV•added 2024/07/10 1:15 p.m.•2 views

CVE-2024-40333

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/softBakdeal.php?mudi=del&dataID=2...

8.8CVSS5.8AI score0.00601EPSS

Exploits1References1

OSV•added 2024/07/09 7:15 p.m.•1 views

CVE-2024-40035

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/userLeveldeal.php?mudi=add...

5.9CVSS5.8AI score

Exploits0References1

CNNVD•added 2024/07/09 12:0 a.m.•3 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Agent System is a cloud management agent system by Net Titanium Technology China. A security vulnerability exists in idcCMS v1.35, which originates from a cross-site request forgery vulnerability in the...

8.8CVSS6.8AI score0.00295EPSS

Exploits1References2

CNNVD•added 2024/07/09 12:0 a.m.•3 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology Net Titanium Technology. A security vulnerability exists in idcCMS v1.35, which originates from a cross-site request forgery vulnerability in the...

8.8CVSS6.8AI score0.00295EPSS

Exploits1References2

OSV•added 2024/07/05 7:15 p.m.•1 views

CVE-2024-39022

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/infoSysdeal.php?mudi=deal...

8.8CVSS5.8AI score0.00296EPSS

Exploits1References1

OSV•added 2024/06/27 2:15 p.m.•2 views

CVE-2024-39158

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/userSysdeal.php?mudi=infoSet...

8.8CVSS5.8AI score0.00296EPSS

Exploits1References1

OSV•added 2024/06/27 2:15 p.m.•1 views

CVE-2024-39155

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/ipRecorddeal.php?mudi=add...

6.8CVSS5.8AI score0.00205EPSS

Exploits1References1

OSV•added 2024/06/05 7:15 p.m.•4 views

CVE-2024-36670

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component admin/vpsClassdeal.php?mudi=del...

8.8CVSS5.8AI score0.00289EPSS

Exploits1References1

Positive Technologies•added 2024/06/05 12:0 a.m.•2 views

PT-2024-27110 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is a Cross-Site Request Forgery CSRF that affects the component "/admin/idcProType deal.php?mudi=add&nohrefStr=close". This allows for unauthorized requests to be made on behalf of the user...

8.8CVSS7AI score0.00241EPSS

Exploits1References7

OSV•added 2024/05/28 5:15 p.m.•2 views

CVE-2024-34854

F-logic DataCube3 v1.0 is vulnerable to File Upload via /admin/transceiverschedule.php...

9.8CVSS5.8AI score0.12752EPSS

Exploits1References1

OSV•added 2024/05/22 2:15 p.m.•1 views

CVE-2024-35556

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/vpsSysdeal.php?mudi=infoSet...

8.8CVSS5.8AI score0.00295EPSS

Exploits1References1

CNNVD•added 2024/05/22 12:0 a.m.•3 views

idccms 安全漏洞

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Agent System is a cloud management agent system from China's Net Titanium Technology Net Titanium Technology. A security vulnerability exists in idccms v1.35, which was discovered via the component...

5.5CVSS6.8AI score0.00182EPSS

Exploits1References3

Positive Technologies•added 2024/05/17 12:0 a.m.•4 views

PT-2024-34225 · Sourcecodester · Online Birth Certificate Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Birth Certificate Management System version 1.0 Description: A vulnerability was found in the system, affecting unknown code of the file /admin, which can be manipulated to make files or directories accessible. The attac...

7.5CVSS7.2AI score0.00525EPSS

Exploits1References8

OSV•added 2024/04/15 2:15 p.m.•2 views

CVE-2024-3785

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through Device NAS shared section /admin/DeviceNAS. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...

6.6CVSS6AI score0.00652EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by