Lucene search
K

361 matches found

RedhatCVE
RedhatCVE
added 2025/09/06 11:25 a.m.8 views

CVE-2025-41040

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'datacode', 'datalang0key', 'datalang0value', 'datalang1key' and 'datatitle' parameters in /apprain/developer/language/lipsum.xm...

5.4CVSS6.1AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/06 11:25 a.m.7 views

CVE-2025-41059

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/tablesorter...

5.4CVSS6.1AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/06 11:25 a.m.6 views

CVE-2025-41057

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/richtexteditor...

5.4CVSS6.1AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/06 11:25 a.m.5 views

CVE-2025-41052

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/canvasjs...

5.4CVSS6.1AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/06 11:25 a.m.8 views

CVE-2025-41033

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BPage%5D%5Bname%5D' parameter in /apprain/page/manage-dynamic-pages/create...

9.8CVSS7.9AI score0.00353EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/06 11:25 a.m.4 views

CVE-2025-41048

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/admin...

5.4CVSS6.1AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/06 11:25 a.m.5 views

CVE-2025-41032

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BAdmin%5D%5Busername%5D' parameter in /apprain/admin/manage/add/...

9.8CVSS7.9AI score0.00353EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/06 11:25 a.m.7 views

CVE-2025-41046

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/960grid...

5.4CVSS6.1AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 12:15 p.m.4 views

CVE-2025-41058

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/rowmanager...

5.4CVSS5.7AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 12:15 p.m.3 views

CVE-2025-41060

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/tree...

5.4CVSS5.7AI score0.00162EPSS
Exploits0References1
NVD
NVD
added 2025/09/04 12:15 p.m.12 views

CVE-2025-41061

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/uploadify...

5.4CVSS0.00162EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 12:15 p.m.4 views

CVE-2025-41062

A vulnerability has been discovered in version 4.0.5 of appRain CMF, consisting of an authenticated reflected XSS due to a lack of proper validation of user input, through the 'page' parameter in /apprain/developer/addons...

5.4CVSS5.7AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 12:15 p.m.3 views

CVE-2025-41061

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/uploadify...

5.4CVSS5.7AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 12:15 p.m.5 views

CVE-2025-41063

A vulnerability has been discovered in version 4.0.5 of appRain CMF, consisting of an authenticated reflected XSS due to a lack of proper validation of user input, through the 's' parameter in /apprain/developer/debug-log/db...

5.4CVSS5.7AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 12:15 p.m.3 views

CVE-2025-41059

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/tablesorter...

5.4CVSS5.7AI score0.00162EPSS
Exploits0References1
NVD
NVD
added 2025/09/04 12:15 p.m.4 views

CVE-2025-41062

A vulnerability has been discovered in version 4.0.5 of appRain CMF, consisting of an authenticated reflected XSS due to a lack of proper validation of user input, through the 'page' parameter in /apprain/developer/addons...

5.4CVSS0.00162EPSS
Exploits0References1
NVD
NVD
added 2025/09/04 12:15 p.m.11 views

CVE-2025-41059

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/tablesorter...

5.4CVSS0.00162EPSS
Exploits0References1
NVD
NVD
added 2025/09/04 12:15 p.m.5 views

CVE-2025-41063

A vulnerability has been discovered in version 4.0.5 of appRain CMF, consisting of an authenticated reflected XSS due to a lack of proper validation of user input, through the 's' parameter in /apprain/developer/debug-log/db...

5.4CVSS0.00162EPSS
Exploits0References1
NVD
NVD
added 2025/09/04 12:15 p.m.15 views

CVE-2025-41058

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/rowmanager...

5.4CVSS0.00162EPSS
Exploits0References1
NVD
NVD
added 2025/09/04 12:15 p.m.6 views

CVE-2025-41060

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/tree...

5.4CVSS0.00162EPSS
Exploits0References1
Rows per page
Query Builder