CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

Prion•added 2023/12/21 8:15 p.m.•16 views

Path traversal

A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launche...

4CVSS7.1AI score0.00281EPSS

Exploits1References3Affected Software1

CVE•added 2023/12/21 8:0 p.m.•49 views

CVE-2023-7041

CVE-2023-7041 details a path traversal vulnerability in codelyfe Stupid Simple CMS

5.5CVSS5.5AI score0.00139EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/12/21 8:0 p.m.•17 views

CVE-2023-7041 codelyfe Stupid Simple CMS rename.php path traversal

A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...

5.5CVSS5.8AI score0.00139EPSS

Exploits1References3

CVE•added 2023/12/21 7:31 p.m.•53 views

CVE-2023-7040

CVE-2023-7040 affects codelyfe Stupid Simple CMS up to v1.2.4. The vulnerability is in /file-manager/rename.php where manipulation of the oldName argument enables path traversal to ../filedir. It can be exploited remotely and has public disclosure. The vulnerability is tracked as VDB-248689. Miti...

6.5CVSS5.5AI score0.00281EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/12/21 7:31 p.m.•13 views

CVE-2023-7040 codelyfe Stupid Simple CMS rename.php path traversal

4.3CVSS6.8AI score0.00281EPSS

Exploits1References3

Positive Technologies•added 2023/12/21 12:0 a.m.•4 views

PT-2023-32848 · Codelyfe · Codelyfe Stupid Simple Cms

Name of the Vulnerable Software and Affected Versions: codelyfe Stupid Simple CMS versions up to 1.2.4 Description: A problematic issue was discovered in the file /file-manager/rename.php, where an unknown functionality is affected. The manipulation of the oldName argument leads to path traversal...

6.5CVSS4.8AI score0.00281EPSS

Exploits1References5

NVD•added 2023/12/18 4:15 a.m.•12 views

CVE-2023-6907

A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /file-manager/delete.php of the component Deletion Interface. The manipulation of the argument file leads to improper...

9.1CVSS0.00054EPSS

Exploits1References3

OSV•added 2023/12/18 4:15 a.m.•14 views

CVE-2023-6907

9.1CVSS6.9AI score

Exploits0References3

Prion•added 2023/12/18 4:15 a.m.•13 views

Authentication flaw

4.8CVSS7.1AI score0.00054EPSS

Exploits1References3Affected Software1

CVE•added 2023/12/18 12:31 a.m.•42 views

CVE-2023-6907

The CVE-2023-6907 entry concerns codelyfe Stupid Simple CMS (versions up to 1.2.4). The vulnerability affects the Deletion Interface’s file-manager delete.php, where manipulation of the file parameter leads to improper authentication. Public exploit details exist, indicating potential exploitatio...

9.1CVSS7.5AI score0.00054EPSS

Exploits1References3Affected Software1

NVD•added 2023/12/17 4:15 p.m.•12 views

CVE-2023-6902

A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and m...

9.8CVSS0.00079EPSS

Exploits1References3

OSV•added 2023/12/17 4:15 p.m.•13 views

CVE-2023-6902

9.8CVSS7.1AI score

Exploits0References3

Prion•added 2023/12/17 4:15 p.m.•11 views

Design/Logic Flaw

5.2CVSS7.3AI score0.00079EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/12/17 3:31 p.m.•14 views

CVE-2023-6902 codelyfe Stupid Simple CMS upload.php unrestricted upload

5.5CVSS9.8AI score0.00079EPSS

Exploits1References3

CVE•added 2023/12/17 3:31 p.m.•33 views

CVE-2023-6902

CVE-2023-6902 affects codelyfe Stupid Simple CMS up to version 1.2.4. The vulnerability resides in the file /file-manager/upload.php, where manipulation of the file parameter enables unrestricted file upload. The description indicates the exploit has been disclosed publicly, posing a risk of remo...

9.8CVSS7.7AI score0.00079EPSS

Exploits1References3Affected Software1

OSV•added 2023/12/17 2:15 p.m.•12 views

CVE-2023-6901

A vulnerability, which was classified as critical, was found in codelyfe Stupid Simple CMS up to 1.2.3. This affects an unknown part of the file /terminal/handle-command.php of the component HTTP POST Request Handler. The manipulation of the argument command with the input whoami leads to os...

9.8CVSS7.5AI score

Exploits0References3

NVD•added 2023/12/17 2:15 p.m.•11 views

CVE-2023-6901

9.8CVSS0.00638EPSS

Exploits1References3

Prion•added 2023/12/17 2:15 p.m.•14 views

Command injection

7.5CVSS7.8AI score0.00638EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/12/17 2:0 p.m.•12 views

CVE-2023-6901 codelyfe Stupid Simple CMS HTTP POST Request handle-command.php os command injection

7.5CVSS10AI score0.00638EPSS

Exploits1References3

CVE•added 2023/12/17 2:0 p.m.•31 views

CVE-2023-6901

CVE-2023-6901 affects codelyfe Stupid Simple CMS versions up to 1.2.3. The vulnerability lies in the HTTP POST Request Handler’s file /terminal/handle-command.php, where using the argument with input “whoami” enables an OS command injection. The issue is exploitable remotely and an exploit has be...

9.8CVSS9AI score0.00638EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by