Lucene search
K

43672 matches found

Cvelist
Cvelist
added 2026/02/01 12:15 p.m.28 views

CVE-2021-47918 Simple CMS 2.1 SQL Injection Vulnerability via Users Module

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...

8.6CVSS0.00511EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/01 12:15 p.m.3 views

CVE-2021-47917 Simple CMS 2.1 Persistent Cross-Site Scripting via User Input Parameters

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading...

6.4CVSS5.2AI score0.00289EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/01 12:15 p.m.30 views

CVE-2021-47917 Simple CMS 2.1 Persistent Cross-Site Scripting via User Input Parameters

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading...

6.4CVSS0.00289EPSS
Exploits1References3
CVE
CVE
added 2026/02/01 12:15 p.m.13 views

CVE-2021-47919

CVE-2021-47919 affects Simple CMS 2.1. The vulnerability is a non-persistent cross-site scripting (XSS) flaw in the preview.php file’s id parameter, exploitable via a GET request. Attackers can inject malicious script code to execute in the context of authenticated users, with potential consequen...

6.4CVSS6.1AI score0.00288EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/01 12:15 p.m.34 views

CVE-2021-47919 Simple CMS 2.1 Non-Persistent Cross-Site Scripting via Preview Parameter

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks...

6.4CVSS0.00288EPSS
Exploits1References3
CVE
CVE
added 2026/02/01 12:15 p.m.10 views

CVE-2021-47916

The EUVD entry EUVD-2021-34755 documents a vulnerability in Simple CMS 2.1: a remote SQL injection that lets an attacker inject unvalidated SQL via the users module, exploiting unvalidated input in admin.php to compromise the database management system and the web application. The connected docum...

6AI score
Exploits0
Cvelist
Cvelist
added 2026/02/01 12:15 p.m.34 views

CVE-2021-47916

...

Exploits0
EUVD
EUVD
added 2026/02/01 12:15 p.m.5 views

EUVD-2021-34755

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...

8.6CVSS6AI score
Exploits0References3
GithubExploit
GithubExploit
added 2026/02/01 9:37 a.m.544 views

Exploit for CVE-2025-2304

CVE-2025-2304 - Camaleon CMS Privilege Escalation This reposi...

9.4CVSS5.8AI score0.00566EPSS
Exploits16
GithubExploit
GithubExploit
added 2026/02/01 8:28 a.m.200 views

Exploit for CVE-2025-2304

CVE-2025-2304 Exploit Camaleon CMS Vulnerable to Privilege Es...

9.4CVSS5.9AI score0.00566EPSS
Exploits16
GithubExploit
GithubExploit
added 2026/02/01 5:7 a.m.317 views

Exploit for CVE-2025-2304

CVE-2025-230...

9.4CVSS5.9AI score0.00566EPSS
Exploits16
GithubExploit
GithubExploit
added 2026/02/01 2:6 a.m.1284 views

Exploit for Path Traversal in Tuzitio Camaleon_Cms

CVE-2024-46987 - Camaleon CMS Authenticated Arbitrary File Rea...

7.7CVSS5.8AI score0.1456EPSS
Exploits11
GithubExploit
GithubExploit
added 2026/02/01 1:23 a.m.180 views

Exploit for CVE-2025-2304

Camaleon CMS -p Arguments - -t, --target Base t...

9.4CVSS5.9AI score0.00566EPSS
Exploits16
CNNVD
CNNVD
added 2026/02/01 12:0 a.m.8 views

Simple CMS 跨站脚本漏洞

Simple CMS is an open-source content management system developed using Simple PHPScripts. Version 2.1 of Simple CMS has a cross-site scripting vulnerability. This vulnerability stems from the id parameter in the preview.php file, which allows for the execution of arbitrary scripts...

6.4CVSS5.9AI score0.00288EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/01 12:0 a.m.7 views

PT-2026-5564

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks...

6.4CVSS6.1AI score0.00288EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/01 12:0 a.m.8 views

Simple CMS SQL注入漏洞

Simple CMS is an open-source content management system developed using Simple PHP scripts. Version 2.1 of Simple CMS has a SQL injection vulnerability, which stems from unvalidated input parameters in the admin.php file, potentially leading to SQL injection attacks...

8.8CVSS5.8AI score0.00511EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/01 12:0 a.m.10 views

Simple CMS 跨站脚本漏洞

Simple CMS is an open-source content management system developed using Simple PHPScripts. Version 2.1 of Simple CMS has a cross-site scripting vulnerability. This vulnerability stems from persistent cross-site scripting vulnerabilities in user input parameters, which could allow remote attackers ...

6.4CVSS5.7AI score0.00289EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/01/31 9:49 p.m.934 views

Exploit for CVE-2025-2304

CVE-2025-2304-POC Manual poc for CVE-2025-2304: Camaleon CMS...

9.4CVSS5.9AI score0.00566EPSS
Exploits16
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/31 5:27 p.m.9 views

Malicious code in roots-cms-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9670a58bdf8573b9c7d94a74cf58593a55692bfcf33d931693680389b981f89c The package roots-cms-client was found to contain malicious code. Source: ghsa-malware 88007d193d64ac8d7a2a970903353601b1f620a48f22c3cd3c7a838da0cce4...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/01/31 5:27 p.m.3 views

MAL-2026-617 Malicious code in roots-cms-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9670a58bdf8573b9c7d94a74cf58593a55692bfcf33d931693680389b981f89c The package roots-cms-client was found to contain malicious code. Source: ghsa-malware 88007d193d64ac8d7a2a970903353601b1f620a48f22c3cd3c7a838da0cce4...

5.5AI score
Exploits0References1
Rows per page
Query Builder