Lucene search
K

60 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-15533

A security flaw has been discovered in DedeCMS 5.7.118. Impacted is an unknown function of the file /plus/search.php of the component Column Management. Performing a manipulation of the argument Column Name results in code injection. The attack is possible to be carried out remotely. The exploit...

5.8CVSS0.00248EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 days ago8 views

CVE-2026-15533

A security flaw has been discovered in DedeCMS 5.7.118. Impacted is an unknown function of the file /plus/search.php of the component Column Management. Performing a manipulation of the argument Column Name results in code injection. The attack is possible to be carried out remotely. The exploit...

5.8CVSS5.9AI score0.00248EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-15533 DedeCMS Column Management search.php code injection

A security flaw has been discovered in DedeCMS 5.7.118. Impacted is an unknown function of the file /plus/search.php of the component Column Management. Performing a manipulation of the argument Column Name results in code injection. The attack is possible to be carried out remotely. The exploit...

5.8CVSS0.00248EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43279

A security flaw has been discovered in DedeCMS 5.7.118. Impacted is an unknown function of the file /plus/search.php of the component Column Management. Performing a manipulation of the argument Column Name results in code injection. The attack is possible to be carried out remotely. The exploit...

5.8CVSS5.9AI score0.00248EPSS
Exploits0References6
CVE
CVE
added 2 days ago10 views

CVE-2026-15533

CVE-2026-15533 targets DedeCMS 5.7.118. The flaw is in the Column Management module, specifically /plus/search.php, where manipulating the Column Name argument allows code injection. It is exploitable remotely and a public exploit exists. The CVSS-derived assessment in the record indicates MEDIUM...

5.8CVSS5.9AI score0.00248EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.24 views

CVE-2023-43951

SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Column Management component...

5.4CVSS6.2AI score0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.11 views

CVE-2023-49485

JFinalCMS v5.0.0 was discovered to contain a cross-site scripting XSS vulnerability in the column management department...

5.4CVSS6AI score0.00413EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-18402

Malware in sbrugna...

9.1CVSS9.3AI score0.01872EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/10/04 12:56 a.m.7 views

CVE-2025-60453

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files...

6.1CVSS6.1AI score0.00244EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-48311

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00348EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-38944

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00393EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-3192

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00413EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-32301

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00244EPSS
Exploits1References2
OSV
OSV
added 2025/10/03 2:15 p.m.5 views

CVE-2025-60453

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files...

6.1CVSS5.8AI score0.00244EPSS
Exploits1References1
NVD
NVD
added 2025/10/03 2:15 p.m.6 views

CVE-2025-60453

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files...

6.1CVSS0.00244EPSS
Exploits1References1
CVE
CVE
added 2025/10/03 12:0 a.m.11 views

CVE-2025-60453

MetInfo CMS 8.0 is affected in the column management module (app\system\column\admin\index.class.php). The issue is a stored XSS vulnerability that allows attackers to upload SVG files containing JavaScript, which executes when the uploaded file is viewed or accessed by users. This aligns with mu...

6.1CVSS5.7AI score0.00244EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/10/03 12:0 a.m.11 views

CVE-2025-60453

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files...

0.00244EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/03 12:0 a.m.3 views

CVE-2025-60453

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files...

5.7AI score0.00244EPSS
Exploits1References1
Veracode
Veracode
added 2023/12/13 5:41 a.m.20 views

Cross-site Scripting (XSS)

jfinal is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the column management department of the library, allowing an attacker to inject and execute malicious JavaScript...

5.4CVSS6.5AI score0.00413EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2023/12/08 3:30 p.m.25 views

Cross-site Scripting in JFinalCMS

JFinalCMS v5.0.0 was discovered to contain a cross-site scripting XSS vulnerability in the column management department...

5.4CVSS6.1AI score0.00413EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder