CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-6028

Malware in sbrugna...

6.8CVSS6.4AI score0.03063EPSS

Exploits1References7

RedhatCVE•added 2025/05/23 7:44 a.m.•3 views

CVE-2024-42816

A cross-site scripting XSS vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...

6.1CVSS5.7AI score0.00181EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:44 a.m.•3 views

CVE-2024-42818

A cross-site scripting XSS vulnerability in the Config-Create function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...

6.1CVSS5.7AI score0.00181EPSS

Exploits0References1

OSV•added 2024/08/26 4:15 p.m.•1 views

CVE-2024-42816

6.1CVSS5.9AI score0.00181EPSS

Exploits0References2

OSV•added 2024/08/26 4:15 p.m.•1 views

CVE-2024-42818

6.1CVSS5.9AI score0.00181EPSS

Exploits0References2

Positive Technologies•added 2024/08/26 12:0 a.m.•2 views

PT-2024-30175 · Unknown · Fastapi-Admin

Name of the Vulnerable Software and Affected Versions: fastapi-admin pro version 0.1.4 Description: A cross-site scripting XSS vulnerability in the Create Product function allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...

6.1CVSS6.1AI score0.00181EPSS

Exploits0References9

CVE•added 2024/08/26 12:0 a.m.•46 views

CVE-2024-42818

CVE-2024-42818 is a cross-site scripting (XSS) vulnerability in the Config-Create function of fastapi-admin pro v0.1.4, allowing injection of arbitrary scripts/HTML via the Product Name parameter. Multiple connected sources corroborate the issue and its scope. Public data do not specify a confirm...

6.1CVSS5.8AI score0.00181EPSS

Exploits0References2

Vulnrichment•added 2024/08/26 12:0 a.m.•12 views

CVE-2024-42818

5.8AI score0.00181EPSS

Exploits0References2

CVE•added 2024/08/26 12:0 a.m.•46 views

CVE-2024-42816

The CVE-2024-42816 issue affects fastapi-admin pro v0.1.4, where the Create Product function is vulnerable to Cross‑Site Scripting (XSS) through a crafted payload in the Product Name parameter. Multiple sources (NVD, Red Hat, Veracode, GHSA) describe that insufficient validation/sanitization of P...

6.1CVSS5.6AI score0.00181EPSS

Exploits0References2

Cvelist•added 2024/08/26 12:0 a.m.•14 views

CVE-2024-42816

0.00181EPSS

Exploits0References2

Cvelist•added 2006/11/22 12:0 a.m.•10 views

CVE-2006-6045

Multiple PHP remote file inclusion vulnerabilities in Comdev One Admin Pro 4.1 allow remote attackers to execute arbitrary PHP code via a URL in the pathskin parameter to 1 adminfoot.php, 2 adminhead.php, or 3 adminlogin.php...

7.7AI score0.03063EPSS

Exploits1References6

CVE•added 2006/11/22 12:0 a.m.•45 views

CVE-2006-6045

CVE-2006-6045 describes multiple PHP remote file inclusion vulnerabilities in Comdev One Admin Pro 4.1. The flaw allows remote attackers to execute arbitrary PHP code by passing a malicious URL in the path[skin] parameter to adminfoot.php, adminhead.php, or adminlogin.php. Affected software: Comd...

6.8CVSS8AI score0.03063EPSS

Exploits1References6Affected Software1

seebug.org•added 2006/11/21 12:0 a.m.•13 views

Comdev One Admin Pro path[docroot]及path[skin]参数文件包含漏洞

Comdev One Admin Pro是用于为数据库驱动的网站创建PHP模块的平台。 Comdev One Admin Pro的多个脚本在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 Comdev One Admin Pro的adminfoot.php、adminhead.php和adminlogin.php脚本没有正确地验证pathdocroot及pathskin参数的输入，允许攻击者通过包含本地或外部资源的文件导致执行任意PHP代码。漏洞相关的代码如下： ? include$path"docroot".$path"skin"...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by