CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

CNNVD•added 2022/04/11 12:0 a.m.•2 views

Daylight Studio Fuel CMS跨站脚本漏洞

Daylight Studio Fuel CMS is a CodeIgniter-based content management system. A security vulnerability exists in Daylight Studio Fuel CMS 1.5.1 that allows HTML injection attacks...

5.4CVSS5.8AI score0.00191EPSS

Exploits1References2

CNVD•added 2021/09/10 12:0 a.m.•14 views

FUEL CMS Cross-site Request Forgery Vulnerability (CNVD-2021-93893)

FUEL CMS is a CodeIgniter-based content management system. a cross-site request forgery vulnerability exists in login.php in FUEL CMS version 1.5.0. No details of the vulnerability are provided at this time...

6.5CVSS3.5AI score0.00191EPSS

Exploits1References1

CNVD•added 2021/09/10 12:0 a.m.•22 views

FUEL CMS SQL Injection Vulnerability (CNVD-2021-93894)

FUEL CMS is a content management system based on CodeIgniter. A SQL injection vulnerability exists in Fuel CMS version 1.5.0. The vulnerability can be exploited to conduct SQL injection attacks via the col parameter in /fuel/index.php/fuel/pages/items...

8.8CVSS8.9AI score0.00239EPSS

Exploits1References1

CNNVD•added 2021/09/09 12:0 a.m.•1 views

FUEL CMS 跨站请求伪造漏洞

6.5CVSS5.3AI score0.00191EPSS

Exploits1References3

CNNVD•added 2021/08/09 12:0 a.m.•1 views

FUEL CMS 注入漏洞

FUEL CMS is a content management system CMS based on the Codelgniter framework. A security vulnerability exists in FUEL CMS, which can be exploited by attackers to conduct phishing and other attacks using a man-in-the-middle...

8.1CVSS7.7AI score0.00436EPSS

Exploits1References3

CNNVD•added 2021/03/10 12:0 a.m.•2 views

FUEL CMS SQL注入漏洞

FUEL CMS is a content management system based on CodeIgniter. A SQL injection vulnerability exists in the 'fuelreplaceid' parameter in pages/replace/1 in FUEL CMS 1.4.8. An attacker could use this vulnerability to corrupt the application, access or modify data, or exploit a potential vulnerabilit...

9.8CVSS6AI score0.03558EPSS

Exploits1References4

seebug.org•added 2014/07/01 12:0 a.m.•20 views

No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key

No description provided by source. ?php / Static encryptionkey of No-CMS lead to Session Array Injection in order to hijack administrator account then you will be able for upload php files to server via theme/module upload. This exploit generates cookie for administrator access from non-privilege...

7.1AI score

Exploits0

0day.today•added 2014/04/23 12:0 a.m.•35 views

No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key

Exploit for php platform in category web applications ?php / Static encryptionkey of No-CMS lead to Session Array Injection in order to hijack administrator account then you will be able for upload php files to server via theme/module upload. This exploit generates cookie for administrator access...

7.1AI score

Exploits0