7 matches found
Geeklog grp_desc parameter cross-site scripting vulnerability
Geeklog is free and open source blogging software. A cross-site scripting vulnerability exists in the Geeklog grp_desc parameter because the publichtml/admin/group.php script does not properly validate user-supplied input. An attacker could use the vulnerability to steal the victim's cookie-base...
sternenblog security vulnerability
sternenblog is file-based CGI blogging software. A security vulnerability exists in sternenblog, which stems from an incorrect manipulation of the parameter postpath that can lead to file inclusion...
Dotclear cross-site scripting vulnerability (CNVD-2015-06480)
Dotclear is free PHP and MySQL-based blog publishing software developed by Olivier Meunier. A cross-site scripting vulnerability exists in Dotclear 2.8.0 and earlier versions. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
WordPress Foxypress uploadify.php Arbitrary Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution', 'Description' = %q This module exploits an arbitrary PHP code...
WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution
This module exploits an arbitrary PHP code execution flaw in the WordPress blogging software plugin known as Foxypress. The vulnerability allows for arbitrary file upload and remote code execution via the uploadify.php script. The Foxypress plugin versions 0.4.1.1 to 0.4.2.1 are vulnerable. This...
WordPress Plugin Google Document Embedder - Arbitrary File Disclosure (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rbmysql' class Metasploit3 'WordPress Plugin...
wp205-xss.txt
Vulnerability Title: WordPress Persistent XSS; Author: David Kierznowski; Homepage: http://michaeldaw.org; Software Vendor: WordPress Persistent XSS; Versions affected: Confirmed in v2.0.5 latest. WordPress is a popular open source blogging software. A persistent XSS vulnerability has been found in...