Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1599 matches found

Vulnrichment
Vulnrichmentadded 2023/09/17 3:0 a.m.12 views

CVE-2023-5017 lmxcms admin.php sql injection

A vulnerability was found in lmxcms up to 1.41. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin.php. The manipulation of the argument lid leads to sql injection. VDB-239858 is the identifier assigned to this vulnerability. NOTE: The vendor was...

5.5CVSS7.3AI score0.00425EPSS
Exploits0References2
Cvelist
Cvelistadded 2023/09/17 3:0 a.m.13 views

CVE-2023-5017 lmxcms admin.php sql injection

A vulnerability was found in lmxcms up to 1.41. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin.php. The manipulation of the argument lid leads to sql injection. VDB-239858 is the identifier assigned to this vulnerability. NOTE: The vendor was...

5.5CVSS9.8AI score0.00425EPSS
Exploits0References2
CVE
CVEadded 2023/09/17 3:0 a.m.32 views

CVE-2023-5017

CVE-2023-5017 affects lmxcms up to version 1.41. The vulnerability exists in admin.php where manipulating the lid parameter leads to SQL injection. Exploitation details are not provided in the core initial document, but multiple connected sources (PRION, NVD, RH, CVE lists, PT Security) consisten...

9.8CVSS6.8AI score0.00425EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2023/09/16 12:0 a.m.4 views

PT-2023-31486 · Lmxcms · Lmxcms

Name of the Vulnerable Software and Affected Versions: lmxcms versions up to 1.41 Description: A critical issue affects some unknown functionality of the file admin.php. The manipulation of the lid argument leads to SQL injection. The vendor was contacted about this disclosure but did not respond...

9.8CVSS5.7AI score0.00425EPSS
Exploits0References6
NVD
NVDadded 2023/07/31 2:15 p.m.9 views

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

6.5CVSS6.6AI score0.00337EPSS
Exploits1References1
Prion
Prionadded 2023/07/31 2:15 p.m.22 views

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

4.3CVSS6.6AI score0.00337EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2023/07/31 12:0 a.m.54 views

CVE-2020-21881

DuxCMS 2.1 contains a Cross Site Request Forgery (CSRF) vulnerability in admin.php (endpoint article/admin/content/add) that allows remote attackers to modify application data. The issue is documented across multiple sources (e.g., CVE-2020-21881) with remediation guidance suggesting CSRF token v...

6.5CVSS6.6AI score0.00337EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/07/31 12:0 a.m.14 views

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

7.2AI score0.00337EPSS
Exploits1References1
Cvelist
Cvelistadded 2023/07/31 12:0 a.m.16 views

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

6.6AI score0.00337EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2023/07/31 12:0 a.m.3 views

PT-2023-11606 · Duxcms · Duxcms

Name of the Vulnerable Software and Affected Versions: DuxCMS version 2.1 Description: A Cross Site Request Forgery CSRF issue in the admin.php file of DuxCMS allows remote attackers to modify application data via the "article/admin/content/add" endpoint. This can be exploited by tricking...

6.5CVSS6.5AI score0.00337EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2023/06/26 8:15 p.m.1 views

CVE-2023-27082

Cross Site Scripting XSS vulnerability in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev4 allows remote attackers to run arbitrary code via upload of crafted html file...

4.8CVSS6.2AI score0.00475EPSS
Exploits0References3
OSV
OSVadded 2023/06/22 8:15 p.m.15 views

CVE-2023-27083

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality...

7.2CVSS7.8AI score
Exploits0References1
NVD
NVDadded 2023/06/22 8:15 p.m.12 views

CVE-2023-27083

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality...

7.2CVSS7.2AI score0.0121EPSS
Exploits0References1
NVD
NVDadded 2023/06/20 3:15 p.m.14 views

CVE-2020-20918

An issue discovered in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary php code via the hidden parameter to admin.php when editing a page...

7.2CVSS7.3AI score0.01137EPSS
Exploits1References1
OSV
OSVadded 2023/06/20 3:15 p.m.17 views

CVE-2020-20918

An issue discovered in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary php code via the hidden parameter to admin.php when editing a page...

7.2CVSS7.9AI score
Exploits0References1
Prion
Prionadded 2023/06/20 3:15 p.m.13 views

Code injection

An issue discovered in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary php code via the hidden parameter to admin.php when editing a page...

5.8CVSS7.2AI score0.01137EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2023/06/20 3:15 p.m.19 views

Cross site scripting

Cross Site Scripting vulnerability in taogogo taoCMS v.2.5 beta5.1 allows remote attacker to execute arbitrary code via the name field in admin.php...

5.8CVSS6.5AI score0.00514EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/06/20 12:0 a.m.20 views

CVE-2020-20725

Cross Site Scripting vulnerability in taogogo taoCMS v.2.5 beta5.1 allows remote attacker to execute arbitrary code via the name field in admin.php...

6.5AI score0.00514EPSS
Exploits1References1
CVE
CVEadded 2023/06/14 12:0 a.m.49 views

CVE-2021-31280

CVE-2021-31280 affects tp5cms prior to or through 2017-05-25. The issue is a cross-site scripting (XSS) vulnerability in admin.php/system/set.html exploitable via the keywords parameter. The related Red Hat/NVD/EU references corroborate an XSS in tp5cms with the same endpoint and parameter. CVSS ...

6.1CVSS5.9AI score0.00406EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/06/14 12:0 a.m.6 views

CVE-2021-31280

An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter...

6AI score0.00406EPSS
Exploits1References1
Rows per page
Query Builder