Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:10 p.m.7 views

CVE-2020-35734

Sruu.pl in Batflat 1.3.6 allows an authenticated user to perform code injection and consequently Remote Code Execution via the input fields of the Users tab. To exploit this, one must login to the administration panel and edit an arbitrary user's data username, displayed name, etc.. NOTE: This...

7.2CVSS7.5AI score0.06772EPSS
Exploits4
Circl
Circl
added 2024/11/14 6:7 a.m.11 views

CVE-2020-35734

creationtimestamp| type| source ---|---|--- 2024-11-14 06:07:59+00:00| seen| MISP/a47ec090-3292-42fc-a1c0-1e736d4681e5...

7.2CVSS6.8AI score0.06772EPSS
Exploits4
0day.today
0day.today
added 2021/02/18 12:0 a.m.71 views

Batflat CMS 1.3.6 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Batflat CMS 1.3.6 - Remote Code Execution Authenticated Exploit Author: mari0x00 Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Description:...

7.2CVSS7AI score0.06772EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/02/18 12:0 a.m.276 views

Batflat CMS 1.3.6 Remote Code Execution

Exploit Title: Batflat CMS 1.3.6 - Remote Code Execution Authenticated Date: 2020-12-27 Exploit Author: mari0x00 Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Description:...

7AI score0.06772EPSS
Exploits4
CVE
CVE
added 2021/02/15 8:49 p.m.102 views

CVE-2020-35734

Batflat CMS 1.3.6 is vulnerable to authenticated code injection leading to Remote Code Execution via input fields on the Users tab. Exploitation requires login to the admin panel and editing another user’s data (e.g., username or display name). Affected product/version: Batflat 1.3.6; vendor note...

7.2CVSS7.2AI score0.06772EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder