33 matches found
MAL-2025-179753 Malicious code in kiut-acog-aef (npm)
Source: amazon-inspector d4aaf6a2e0fdc7a58f138e94cd93846451a9ed8c4345ad429aaa3635526f4f49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-134317
Malicious code in kiut-acog-aef npm...
EUVD-2025-134318
Malicious code in kiut-acog-aef npm...
aef-gw (>=0.1.1 <=0.1.15), airiam (>=0.1.2 <=0.1.8) +166 more potentially affected by CVE-2024-33664 via python-jose (>=0.5.5 <=3.3.0)
python-jose PYPI version =0.5.5, =0.1.1, =0.1.2, =0.1.0, =0.8.0, =0.9.0, =1.23.0.dev0, =0.1.2, =0.1.18, =1.1.3, =1.5.0, =0.1.7, =0.31.6, =0.3.0, =0.9.0, =0.0.12, =0.0.14 and more Source cves: CVE-2024-33664 Source advisory: OSV:GHSA-CJWG-QFPM-7377...
aef-gw (>=0.1.1 <=0.1.15), airiam (>=0.1.2 <=0.1.8) +166 more potentially affected by CVE-2024-33663 via python-jose (>=0.5.5 <=3.3.0)
python-jose PYPI version =0.5.5, =0.1.1, =0.1.2, =0.1.0, =0.8.0, =0.9.0, =1.23.0.dev0, =0.1.2, =0.1.18, =1.1.3, =1.5.0, =0.1.7, =0.31.6, =0.3.0, =0.9.0, =0.0.12, =0.0.14 and more Source cves: CVE-2024-33663 Source advisory: OSV:PYSEC-2024-232...
CVE-2011-3582
A Cross-site Request Forgery CSRF vulnerability exists in Advanced Electron Forums AEF through 1.0.9 due to inadequate confirmation for sensitive transactions in the administrator functions...
CVE-2011-3582
CVE-2011-3582 affects Advanced Electron Forums (AEF) up to version 1.0.9. The issue is a Cross-site Request Forgery (CSRF) vulnerability caused by inadequate confirmation for sensitive administrator actions. The description across sources confirms the admin function CSRF exposure, with no explici...
CVE-2018-13000
AEF (Advanced Electron Forum) v1.0.9 contains a persistent Cross‑Site Scripting (XSS) vulnerability in the Private Message module, originating from unsanitized content in the FTP Link editor. A remote attacker with restricted privileges can inject a script payload via the editor’s FTP Link elemen...
CVE-2018-13000
An XSS issue was discovered in Advanced Electron Forum AEF v1.0.9. A persistent XSS vulnerability is located in the FTP Link element of the Private Message module. The editor of the private message module allows inserting links without sanitizing the content. This allows remote attackers to injec...
AEF CMS 1.0.9 Cross Site Scripting
Document Title: =============== AEF CMS v1.0.9 - PM Persistent Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2123 Release Date: ============= 2018-02-18 Vulnerability Laboratory ID VL-ID:...
AEF CMS v1.0.9 - (PM) Persistent Cross Site Vulnerability
Document Title: =============== AEF CMS v1.0.9 - PM Persistent Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2123 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13000 CVE-ID: ======= CVE-2018-13000 Release Date:...
Advanced Electron Forum 1.0.9 - Cross-Site Request Forgery
Exploit for php platform in category web applications + Credits: hyp3rlinx Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================== Advanced Electron Forum v1.0.9 AEF Exploit patched current version. Vulnerability Type: ===================...
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AEF-XSS.txt Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================...
Advanced Electron Forum 1.0.9 - Remote File Inclusion Cross-Site Request Forgery
Advanced Electron Forum 1.0.9 - Remote File Inclusion Cross-Site Request Forgery + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AEF-RFI.txt Vendor: ============================= www.anelectron.com/downloads/ Product:...
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting
Exploit for php platform in category web applications + Credits: hyp3rlinx Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================== Advanced Electron Forum v1.0.9 AEF Exploit patched current version. Vulnerability Type: ===================...
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AEF-XSS.txt Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================== Advanced Electron Forum v1.0.9 AEF Exploit patched current...
Advanced Electron Forum 1.0.6 - 'beg' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28865/info Advanced Electron Forum AEF is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...
Advanced Electron Forums 1.0.9 Cross Site Request Forgery
Advanced Electron Forums AEF 1.0.9 = Cross Site Request Forgery CSRF Vulnerability 1. OVERVIEW The Advanced Electron Forums AEF 1.0.9 = versions are vulnerable to Cross Site Request Forgery CSRF. 2. BACKGROUND AEF has a very simple and easy to use Administration Panel and installing this software...
CVE-2011-3700
Vulnerability: CVE-2011-3700 in Advanced Electron Forum (AEF) 1.0.8. Issue: Remote attackers can disclose sensitive information by making a direct request to a PHP file (languages/english/deletetopic_lang.php), causing an error message that reveals the installation path. Impact: Information discl...