Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2020-20590

Malware in sbrugna...

9.8CVSS9.4AI score0.01096EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 p.m.8 views

CVE-2020-28102

cscms v4.1 allows for SQL injection via the "jsdel" function...

9.8CVSS8.1AI score0.01213EPSS
Exploits1
NVD
NVD
added 2022/01/11 4:15 p.m.12 views

CVE-2020-28103

cscms v4.1 allows for SQL injection via the "pagedel" function...

9.8CVSS0.01096EPSS
Exploits1References1
NVD
NVD
added 2022/01/11 4:15 p.m.26 views

CVE-2020-28102

cscms v4.1 allows for SQL injection via the "jsdel" function...

9.8CVSS0.01213EPSS
Exploits1References1
Prion
Prion
added 2022/01/11 4:15 p.m.12 views

Sql injection

cscms v4.1 allows for SQL injection via the "pagedel" function...

7.5CVSS9.8AI score0.01096EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/11 3:49 p.m.12 views

CVE-2020-28103

cscms v4.1 allows for SQL injection via the "pagedel" function...

10AI score0.01096EPSS
Exploits1References1
CVE
CVE
added 2022/01/11 3:49 p.m.46 views

CVE-2020-28103

CVE-2020-28103 affects cscms v4.1 and enables SQL injection through the page_del/page delete function. Root cause: improper input handling leading to SQL injection. CVSS 3.1 base score 9.8 (CRITICAL), NETWORK, no authentication, no user interaction. Exploitation details are not provided in the co...

9.8CVSS9.9AI score0.01096EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/11 3:41 p.m.24 views

CVE-2020-28102

cscms v4.1 allows for SQL injection via the "jsdel" function...

10AI score0.01213EPSS
Exploits1References1
NVD
NVD
added 2021/08/30 11:15 p.m.14 views

CVE-2020-22848

A remote code execution RCE vulnerability in the \Playsong.php component of cscms v4.1 allows attackers to execute arbitrary commands...

9.8CVSS0.02874EPSS
Exploits1References1
Prion
Prion
added 2021/08/30 11:15 p.m.10 views

Remote code execution

A remote code execution RCE vulnerability in the \Playsong.php component of cscms v4.1 allows attackers to execute arbitrary commands...

7.5CVSS9.7AI score0.02874EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/08/30 10:12 p.m.41 views

CVE-2020-22848

CVE-2020-22848 affects cscms v4.1, specifically the Playsong.php component. An RCE vulnerability allows an attacker to execute arbitrary commands on affected systems. The connected documents consistently describe remote code execution via Playsong.php but do not provide specific exploit details, ...

9.8CVSS9.8AI score0.02874EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/30 10:12 p.m.12 views

CVE-2020-22848

A remote code execution RCE vulnerability in the \Playsong.php component of cscms v4.1 allows attackers to execute arbitrary commands...

9.9AI score0.02874EPSS
Exploits1References1
NVD
NVD
added 2018/05/29 7:29 a.m.18 views

CVE-2018-11527

An issue was discovered in CScms v4.1. A Cross-site request forgery CSRF vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via /admin.php/sys/editpasssave...

8.8CVSS8.9AI score0.00614EPSS
Exploits1References1
Prion
Prion
added 2018/05/29 7:29 a.m.14 views

Cross site request forgery (csrf)

An issue was discovered in CScms v4.1. A Cross-site request forgery CSRF vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via /admin.php/sys/editpasssave...

6.8CVSS8.8AI score0.00614EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/05/29 7:0 a.m.17 views

CVE-2018-11527

An issue was discovered in CScms v4.1. A Cross-site request forgery CSRF vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via /admin.php/sys/editpasssave...

8.9AI score0.00614EPSS
Exploits1References1
CVE
CVE
added 2018/05/29 7:0 a.m.46 views

CVE-2018-11527

CVE-2018-11527 affects CScms v4.1, where a Cross-site request forgery (CSRF) in plugins/sys/admin/Sys.php allows remote attackers to change the administrator’s username and password via /admin.php/sys/editpass_save. Exploitation details are not provided beyond the path, but the vulnerability enab...

8.8CVSS8.8AI score0.00614EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder