Lucene search
K

744 matches found

Cvelist
Cvelist
added 2026/02/03 4:52 p.m.30 views

CVE-2020-37111 60CycleCMS 2.5.2 - 'news.php' Cross-site Scripting (XSS) Vulnerability

60CycleCMS 2.5.2 contains a cross-site scripting XSS vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. Attackers can craft malicious URLs with XSS payloads targeting the 'etsu' and 'ltsu' parameters to execute arbitrary scripts in victim's browser...

6.1CVSS0.00255EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/03 4:52 p.m.27 views

CVE-2020-37110 60CycleCMS 2.5.2 - 'news.php' SQL Injection Vulnerability

60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows attackers to manipulate database queries through unvalidated user input. Attackers can exploit vulnerable query parameters like 'title' to inject malicious SQL code and potentially extract or modif...

8.8CVSS0.00349EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/03 4:52 p.m.3 views

CVE-2020-37111

60CycleCMS 2.5.2 contains a cross-site scripting XSS vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. Attackers can craft malicious URLs with XSS payloads targeting the 'etsu' and 'ltsu' parameters to execute arbitrary scripts in victim's browser...

6.1CVSS5.7AI score0.00255EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 4:52 p.m.2 views

CVE-2020-37111 60CycleCMS 2.5.2 - 'news.php' Cross-site Scripting (XSS) Vulnerability

60CycleCMS 2.5.2 contains a cross-site scripting XSS vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. Attackers can craft malicious URLs with XSS payloads targeting the 'etsu' and 'ltsu' parameters to execute arbitrary scripts in victim's browser...

6.1CVSS5.7AI score0.00255EPSS
Exploits1References4
CVE
CVE
added 2026/02/03 4:52 p.m.16 views

CVE-2020-37111

CVE-2020-37111 affects 60CycleCMS 2.5.2 with an XSS in news.php . The vulnerability allows attackers to inject scripts via GET parameters, specifically the etsu and ltsu parameters, enabling execution of arbitrary scripts in victims’ browsers. The source documents consistently describe a client-s...

6.1CVSS5.7AI score0.00255EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 4:52 p.m.4 views

CVE-2020-37110 60CycleCMS 2.5.2 - 'news.php' SQL Injection Vulnerability

60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows attackers to manipulate database queries through unvalidated user input. Attackers can exploit vulnerable query parameters like 'title' to inject malicious SQL code and potentially extract or modif...

8.8CVSS5.2AI score0.00349EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-5856

60CycleCMS 2.5.2 contains a cross-site scripting XSS vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. Attackers can craft malicious URLs with XSS payloads targeting the 'etsu' and 'ltsu' parameters to execute arbitrary scripts in victim's browser...

6.1CVSS5.8AI score0.00255EPSS
Exploits1References5
OSV
OSV
added 2026/01/27 9:10 a.m.6 views

BIT-GITLAB-2025-13335 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

6.5CVSS6.1AI score0.00521EPSS
Exploits0References4
Wiz blog
Wiz blog
added 2026/01/26 5:25 p.m.6 views

Introducing SITF: The First Threat Framework Dedicated to SDLC Infrastructure

Moving beyond simple checklists to visualize, map, and block attacks on production SDLC infrastructure...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/23 3:22 p.m.4 views

CVE-2025-13335

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

6.5CVSS5.9AI score0.00521EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 10:16 a.m.8 views

CVE-2025-13335

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

6.5CVSS0.00521EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/22 10:16 a.m.4 views

CVE-2025-13335

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

6.5CVSS6.1AI score0.00521EPSS
Exploits0References4
OSV
OSV
added 2026/01/22 10:16 a.m.4 views

UBUNTU-CVE-2025-13335

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

6.5CVSS5.8AI score0.00521EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/01/22 10:4 a.m.4 views

CVE-2025-13335

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

6.5CVSS5.6AI score0.00521EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/01/22 10:4 a.m.26 views

CVE-2025-13335 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

6.5CVSS0.00521EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/22 10:4 a.m.2 views

CVE-2025-13335 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

6.5CVSS5.5AI score0.00521EPSS
Exploits0References3
OSV
OSV
added 2026/01/22 10:4 a.m.4 views

CVE-2025-13335 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

6.5CVSS5.6AI score0.00521EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/01/22 10:4 a.m.8 views

CVE-2025-13335

Removed by vendor...

6.5CVSS6AI score0.00521EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37875)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37875 advisory. - In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing...

5.5CVSS6.7AI score0.00225EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : libxml2-2.9.7-15.el8.1 (AXSA:2023-4778:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4778:01 advisory. libxml2: integer overflows with XMLPARSEHUGE CVE-2022-40303 libxml2: dict corruption caused by entity reference cycles CVE-2022-40304 Tenable has...

7.8CVSS7.8AI score0.22791EPSS
Exploits2References3
Rows per page
Query Builder