Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-2069

Malware in sbrugna...

6.1CVSS6.2AI score0.00262EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2000-0666

Malware in sbrugna...

7.2CVSS6.4AI score0.03016EPSS
Exploits1References8
Prion
Prionadded 2019/02/04 9:29 p.m.13 views

Cross site scripting

FreeBSD CVSweb version 2.x contains a Cross Site Scripting XSS vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This...

4.3CVSS6.1AI score0.00262EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2019/02/04 9:29 p.m.1 views

DEBIAN-CVE-2018-1000998

FreeBSD CVSweb version 2.x contains a Cross Site Scripting XSS vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This...

6.1CVSS6.1AI score0.00262EPSS
Exploits1References1
NVD
NVDadded 2019/02/04 9:29 p.m.10 views

CVE-2018-1000998

FreeBSD CVSweb version 2.x contains a Cross Site Scripting XSS vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This...

6.1CVSS6.1AI score0.00262EPSS
Exploits1References1
OSV
OSVadded 2019/02/04 9:29 p.m.4 views

CVE-2018-1000998

FreeBSD CVSweb version 2.x contains a Cross Site Scripting XSS vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This...

6.1CVSS5.8AI score
Exploits0References1
UbuntuCve
UbuntuCveadded 2019/02/04 9:29 p.m.22 views

CVE-2018-1000998

FreeBSD CVSweb version 2.x contains a Cross Site Scripting XSS vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This...

6.1CVSS6.3AI score0.00262EPSS
Exploits1References2
Cvelist
Cvelistadded 2019/02/04 9:0 p.m.14 views

CVE-2018-1000998

FreeBSD CVSweb version 2.x contains a Cross Site Scripting XSS vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This...

6.1AI score0.00262EPSS
Exploits1References1
Debian CVE
Debian CVEadded 2019/02/04 9:0 p.m.15 views

CVE-2018-1000998

FreeBSD CVSweb version 2.x contains a Cross Site Scripting XSS vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This...

6.1CVSS6.1AI score0.00262EPSS
Exploits1
CVE
CVEadded 2019/02/04 9:0 p.m.44 views

CVE-2018-1000998

FreeBSD CVSweb 2.x is affected by an XSS vulnerability on all pages; the issue can be triggered when victims load a specially crafted URL. The vulnerability is limited in impact and CVSweb is anonymous/read-only, but could affect other sites on the same domain. The problem appears to have been fi...

6.1CVSS6AI score0.00262EPSS
Exploits1References1Affected Software1
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.12 views

CVSWeb Developer CVSWeb 1.80 insecure perl "open" Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1469/info Cvsweb 1.80 makes an insecure call to the perl OPEN function, providing attackers with write access to a cvs repository the ability to execute arbitrary commands on the host machine. The code that is being...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2012/09/06 12:0 a.m.32 views

Mandrake Linux Security Advisory : cvsweb (MDKSA-2000:019)

Cvsweb contains a hole that provides attackers who have write access to a cvs repository with shell access. Thus, attackers who have write access to a cvs repository but not shell access can obtain a shell. In addition, anyone with write access to a cvs repository that is viewable with cvsweb can...

5.6AI score
Exploits0
Prion
Prionadded 2007/05/29 9:30 p.m.11 views

Code injection

plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATHINFO...

6.8CVSS7.8AI score0.01283EPSS
Exploits0References8Affected Software1
UbuntuCve
UbuntuCveadded 2007/05/29 9:30 p.m.21 views

CVE-2007-0246

plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATHINFO...

6.8CVSS6AI score0.01283EPSS
Exploits0References1
NVD
NVDadded 2007/05/29 9:30 p.m.11 views

CVE-2007-0246

plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATHINFO...

6.8CVSS7.5AI score0.01283EPSS
Exploits0References8
Cvelist
Cvelistadded 2007/05/29 9:0 p.m.16 views

CVE-2007-0246

plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATHINFO...

7.4AI score0.01283EPSS
Exploits0References8
OpenVAS
OpenVASadded 2005/11/03 12:0 a.m.14 views

CVSWeb detection

CVSWeb is used by hosts to share programming source code. Some web sites are misconfigured and allow access to their sensitive source code without any password protection. This plugin tries to detect the presence of a CVSWeb CGI and when it finds it, it tries to obtain its version...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2001/05/18 12:0 a.m.29 views

Security Announcement

TurboLinux Security Announcement Package: cvsweb Vulnerable Packages: All Turbolinux versions previous to 1.91-3 Date: 05/03/2001 5:00 PDT Affected TurboLinux versions: TL Server 6.5, TL Workstation 6.1, Turbolinux versions 6.0.5 and earlier TurboLinux Advisory ID: TLSA2001010 Credits:...

0.6AI score
Exploits0
CVE
CVEadded 2000/10/13 4:0 a.m.59 views

CVE-2000-0670

CVE-2000-0670 affects CVSWeb 1.80. The cvsweb CGI script allows remote attackers with write access to a CVS repository to execute arbitrary shell commands. This is a local-style attack vector with the attacker authenticated to the CVS repository, and the impact is arbitrary command execution in t...

7.2CVSS7.6AI score0.03016EPSS
Exploits1References6Affected Software1
Cvelist
Cvelistadded 2000/10/13 4:0 a.m.12 views

CVE-2000-0670

The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with write access to a CVS repository to execute arbitrary commands via shell metacharacters...

7.6AI score0.03016EPSS
Exploits1References6
Rows per page
Query Builder