CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SQL Injection in SEACMS v210530 2021-05-30 allows remote attackers to execute arbitrary code via the component "adminajax.php?action=checkrepeatname="...

9.8CVSS8.9AI score0.01632EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:54 a.m.•4 views

CVE-2018-14388

joyplus-cms 1.6.0 has XSS via the manager/adminajax.php cansearchdevice array parameter...

5.4CVSS5.9AI score0.00149EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:52 a.m.•3 views

CVE-2018-14389

joyplus-cms 1.6.0 has SQL Injection via the manager/adminajax.php val parameter...

9.8CVSS8.3AI score0.0025EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 6:51 a.m.•4 views

CVE-2018-10096

joyplus-cms 1.6.0 has XSS via the devicename parameter in a manager/adminajax.php?action=save flag=add request...

4.8CVSS5.9AI score0.00235EPSS

Exploits1References1

NVD•added 2021/08/18 3:15 p.m.•7 views

CVE-2021-37358

SQL Injection in SEACMS v210530 2021-05-30 allows remote attackers to execute arbitrary code via the component "adminajax.php?action=checkrepeat&vname="...

9.8CVSS0.01632EPSS

Exploits1References1

Prion•added 2021/08/18 3:15 p.m.•9 views

Sql injection

SQL Injection in SEACMS v210530 2021-05-30 allows remote attackers to execute arbitrary code via the component "adminajax.php?action=checkrepeat&vname="...

7.5CVSS9.9AI score0.01632EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/08/18 2:32 p.m.•13 views

CVE-2021-37358

SQL Injection in SEACMS v210530 2021-05-30 allows remote attackers to execute arbitrary code via the component "adminajax.php?action=checkrepeat&vname="...

10AI score0.01632EPSS

Exploits1References1

CVE•added 2021/08/18 2:32 p.m.•42 views

CVE-2021-37358

CVE-2021-37358 affects SEACMS v210530. Multiple sources describe a SQL Injection via the admin_ajax.php?action=checkrepeat&v_name parameter, enabling remote attackers to execute arbitrary code. NVD lists high to critical severity (CVSS v2: 7.5/10; CVSS v3.1: 9.8/10) with network access, no authen...

9.8CVSS9.9AI score0.01632EPSS

Exploits1References1Affected Software1

NVD•added 2019/09/21 6:15 p.m.•10 views

CVE-2019-16660

joyplus-cms 1.6.0 has adminajax.php?action=savexml&tab=vodplay CSRF...

8.8CVSS8.8AI score0.00122EPSS

Exploits1References1

Prion•added 2019/09/21 6:15 p.m.•11 views

Cross site request forgery (csrf)

joyplus-cms 1.6.0 has adminajax.php?action=savexml&tab=vodplay CSRF...

6.8CVSS8.7AI score0.00122EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/09/21 5:1 p.m.•10 views

CVE-2019-16660

joyplus-cms 1.6.0 has adminajax.php?action=savexml&tab=vodplay CSRF...

8.8AI score0.00122EPSS

Exploits1References1

CNVD•added 2018/07/23 12:0 a.m.•1 views

joyplus-cms SQL Injection Vulnerability (CNVD-2018-14239)

joyplus-cms joy video is an open source video backend management system based on PHP and MySQL. The system has a video resource acquisition , user feedback management , automatic address resolution and message push management and other functions . A SQL injection vulnerability exists in the...

9.8CVSS10AI score0.0025EPSS

Exploits1References1

Cvelist•added 2018/07/22 5:0 p.m.•9 views

CVE-2018-14501

manager/adminajax.php in joyplus-cms 1.6.0 has SQL Injection, as demonstrated by crafted POST data beginning with an "mid=1 AND SLEEP5" substring...

9.7AI score0.0025EPSS

Exploits1References1

CVE•added 2018/07/22 5:0 p.m.•38 views

CVE-2018-14501

CVE-2018-14501 affects joyplus-cms 1.6.0, where manager/admin_ajax.php is vulnerable to SQL injection via crafted POST data starting with m_id=1 AND SLEEP(5). The vulnerability arises from unsanitized input passed to SQL queries in that endpoint, enabling an attacker to execute arbitrary SQL comm...

9.8CVSS9.5AI score0.0025EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by