CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

NVD•added 2025/08/13 9:15 p.m.•3 views

CVE-2011-10011

WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the to parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remot...

10CVSS0.57505EPSS

Exploits0References6

Vulnrichment•added 2025/08/13 8:55 p.m.•2 views

CVE-2011-10011 WeBid 1.0.2 converter.php Remote PHP Code Injection

10CVSS8.5AI score0.57505EPSS

Exploits0References6

OpenVAS•added 2010/08/02 12:0 a.m.•19 views

osCSS 'page' Parameter Cross Site Scripting Vulnerability

The host is running osCSS and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodoscssxssvuln.nasl 5401 2017-02-23 09:46:07Z teissa $ osCSS 'page' Parameter Cross Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright c 2010 SecPod,...

4.3CVSS6.3AI score0.01013EPSS

Exploits1References4

CVE•added 2010/07/23 8:0 p.m.•39 views

CVE-2010-2856

CVE-2010-2856 affects osCSS (1.2.2 and probably earlier). The vulnerability is a cross-site scripting (XSS) flaw in the admin/currencies.php script, exploitable via the page parameter to inject arbitrary HTML/JS into a user’s browser. OpenVAS entries corroborate an XSS vulnerability in osCSS

4.3CVSS5.8AI score0.01013EPSS

Exploits1References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by