Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2025/09/26 1:32 a.m.3 views

CVE-2025-10993 MuYuCMS Template Management admin.php code injection

A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely...

5.8CVSS0.00064EPSS
Exploits0References4
OSV
OSVadded 2025/08/01 4:16 a.m.0 views

CVE-2025-8434

A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID leads to missing authorization. It is possible to launch the attack remotely. The exploit has been...

6.9CVSS5.5AI score
Exploits0References5
OSV
OSVadded 2018/11/22 9:29 p.m.1 views

CVE-2018-19464

Discuz! X3.4 allows XSS via admin.php because admincp/admincpsetting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code...

4.8CVSS5.8AI score0.00235EPSS
Exploits0References1
CNVD
CNVDadded 2018/10/19 12:0 a.m.1 views

DESTOON B2B Cross-Site Scripting Vulnerability (CNVD-2018-21497)

DESTOON B2B is a PHP and MySQL based on open source B2B e-commerce website management system . A cross-site scripting vulnerability exists in the admin/category.inc.php file in DESTOON B2B version 7.0. A remote attacker can inject arbitrary Web script or HTML by providing the 'categorycatname'...

4.8CVSS4.9AI score0.00235EPSS
Exploits1References1
CNVD
CNVDadded 2018/07/02 12:0 a.m.1 views

Sandoba CP:Shop '. /cpshop/' module cross-site scripting vulnerability

Sandoba CP:Shop is a set of online store system of German Sandoba company. The system sales management, financial management and site search and other functions. The Sandoba CP:Shop 2016.1 version of the '. /cpshop/' module has a cross-site scripting vulnerability in the 'admin.php' file. The...

6.1CVSS6.1AI score0.00223EPSS
Exploits3References1
CNVD
CNVDadded 2018/01/17 12:0 a.m.1 views

WordPress responsive-coming-soon-page plugin cross-site scripting vulnerability (CNVD-2018-01258)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . responsive-coming-soon-page plugin is used in one of the test system maintenance plugin . A cross-site scriptin...

4.8CVSS6AI score0.00225EPSS
Exploits1References1
CNVD
CNVDadded 2017/11/21 12:0 a.m.1 views

LvyeCMS Public tologin function cross-site scripting vulnerability

LvyeCMS is a content management system developed using the ThinkPHP framework and an independent grouping approach. A cross-site scripting vulnerability exists in the Public tologin function of the admin.php file in LvyeCMS 3.1 and earlier versions. A remote attacker can exploit this vulnerabilit...

6.1CVSS6AI score0.0024EPSS
Exploits1References1
Rows per page
Query Builder