Lucene search
K

5 matches found

CVE
CVE
added 2026/04/20 1:55 p.m.14 views

CVE-2026-34427

Vvveb versions prior to 1.0.8.1 contain a privilege escalation in the admin/user/save endpoint. An authenticated user can inject role_id=1 in profile save requests to elevate to Super Administrator, enabling plugin upload functionality and remote code execution. The fix is provided in 1.0.8.1 (se...

8.8CVSS6.2AI score0.00562EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.9 views

Vvveb 安全漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.1 contained security vulnerabilities. These vulnerabilities stemmed from an issue with the endpoint where administrator...

8.8CVSS5.8AI score0.00562EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.9 views

Vvveb 安全漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.1 contained security vulnerabilities; these vulnerabilities stemmed from cross-site scripting vulnerabilities, which coul...

5.4CVSS5.9AI score0.00281EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.10 views

Vvveb 安全漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.1 contained security vulnerabilities. These vulnerabilities stemmed from the subdir parameter being written to the...

9.8CVSS6.2AI score0.00665EPSS
Exploits0References1
OSV
OSV
added 2020/01/22 2:15 p.m.2 views

CVE-2019-6858

A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator Software Version prior to V1.0.8.1, which could cause privilege escalation when injecting a malicious DLL...

7.8CVSS7.1AI score0.00363EPSS
Exploits0References1
Rows per page
Query Builder