Lucene search
K

160 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:0 p.m.6 views

CVE-2020-19891

DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\mod.editor.php $POST'updatefile' is filename and $POST'tinymcecontent' is file content, there is no filter function for security. A remote authenticated admin user can exploit this vulnerability to get a webshell...

7.2CVSS6.7AI score0.0141EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:28 p.m.6 views

CVE-2020-19889

DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF for index.php?dbhcmspid=-70 can add a user...

8.8CVSS7.1AI score0.00513EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:28 p.m.4 views

CVE-2020-19884

DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecialchars function in dbhcms\mod\mod.domain.edit.php line 119...

4.8CVSS6.7AI score0.00564EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:7 p.m.8 views

CVE-2020-19888

DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at line 175 of dbhcms\page.php for empty cache operation. This vulnerability can be exploited to empty a table...

5.9CVSS6.9AI score0.00742EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:58 p.m.6 views

CVE-2020-19883

DBHcms v1.2.0 has a stored xss vulnerability as there is no security filter in dbhcms\mod\mod.users.view.php line 57 for userlogin, A remote authenticated with admin user can exploit this vulnerability to hijack other users...

4.8CVSS6.5AI score0.00659EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:55 p.m.6 views

CVE-2020-19880

DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecialchars function form 'Name' in dbhcms\types.php, A remote unauthenticated attacker can exploit this vulnerability to hijack other users...

6.1CVSS6.8AI score0.0089EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:54 p.m.7 views

CVE-2020-19886

DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF for an /index.php?dbhcmspid=-80=9 can delete any menu...

8.1CVSS7.1AI score0.00439EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:49 p.m.6 views

CVE-2020-19890

DBHcms v1.2.0 has an Arbitrary file read vulnerability in dbhcms\mod\mod.editor.php $GET'file' is filename,and as there is no filter function for security, you can read any file's content...

4.9CVSS6.9AI score0.0092EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:45 p.m.6 views

CVE-2020-19887

DBHcms v1.2.0 has a stored XSS vulnerability as there is no htmlspecialchars function for '$POST'pageparaminsertdescription'' variable in dbhcms\mod\mod.page.edit.php line 227, A remote authenticated with admin user can exploit this vulnerability to hijack other users...

4.8CVSS5.7AI score0.00851EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:17 p.m.11 views

CVE-2020-19881

DBHcms v1.2.0 has a reflected xss vulnerability as there is no security filter in dbhcms\mod\mod.selector.php line 108 for $GET'returnname' parameter, A remote authenticated with admin user can exploit this vulnerability to hijack other users...

4.8CVSS6.7AI score0.00851EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:17 p.m.9 views

CVE-2020-19878

DBHcms v1.2.0 has a sensitive information leaks vulnerability as there is no security access control in /dbhcms/ext/news/ext.news.be.php, A remote unauthenticated attacker can exploit this vulnerability to get path information...

7.5CVSS6.8AI score0.01519EPSS
Exploits1
CNVD
CNVD
added 2020/12/29 12:0 a.m.1 views

Dbhcms Has Arbitrary File Read Vulnerability

Dbhcms is a small PHP open source content management system for personal and small business websites. Dbhcms has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...

7AI score
Exploits0
CNVD
CNVD
added 2020/12/29 12:0 a.m.3 views

Dbhcms has a file upload vulnerability

Dbhcms is a small PHP open source content management system for personal and small business websites. Dbhcms has a file upload vulnerability that can be exploited by attackers to gain control of the server...

7.5AI score
Exploits0
CNVD
CNVD
added 2020/09/09 12:0 a.m.2 views

DBHcms Cross-Site Scripting Vulnerability (CNVD-2020-52191)

DBHcms is a small PHP open source content management system. It is suitable for personal and small business websites. DBHcms version 1.2.0 cross-site scripting vulnerability , the vulnerability stems from the lack of WEB applications on the client side of the correct validation of data , an...

4.8CVSS6.6AI score0.00859EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/25 12:0 a.m.2 views

DBHcms Cross-Site Request Forgery Vulnerability

DBHcms is a small, free and open source content management system for personal and small business websites. DBHcms 1.2.0 suffers from a cross-site request forgery vulnerability. An attacker can exploit this vulnerability to add users via index.php?dbhcmspid=-70...

8.8CVSS6.9AI score0.00513EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/25 12:0 a.m.3 views

DBHcms Cross-Site Scripting Vulnerability (CNVD-2020-49085)

DBHcms is a small, free and open source content management system for personal and small business websites. A stored cross-site scripting vulnerability exists in DBHcms 1.2.0. The vulnerability stems from the non-existence of the htmlspecialchars function form 'Name' in dbhcmstypes.php. An attack...

6.1CVSS6.1AI score0.0089EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/25 12:0 a.m.3 views

DBHcms Cross-Site Scripting Vulnerability

DBHcms is a small, free and open source content management system for personal and small business websites. A stored cross-site scripting vulnerability exists in DBHcms 1.2.0. The vulnerability stems from the failure of the htmlspecialchars function in dbhcmsmodmod.domain.edit.php on line 119. An...

4.8CVSS6.1AI score0.00564EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/25 12:0 a.m.2 views

DBHcms Arbitrary File Write Vulnerability

DBHcms is a small, free and open source content management system for personal and small business websites. An arbitrary file write vulnerability exists in dbhcmsmodmod.editor.php $POST'updatefile' in DBHcms 1.2.0. An administrator user can exploit this vulnerability to obtain a webshell...

7.2CVSS7AI score0.0141EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/25 12:0 a.m.1 views

DBHcms Access Control Error Vulnerability

DBHcms is a small, free and open source content management system for personal and small business websites. An access control error vulnerability exists in DBHcms 1.2.0. The vulnerability stems from an access control failure to clear cache operation at line 175 of dbhcmspage.php. An attacker can...

5.9CVSS6.9AI score0.00742EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/25 12:0 a.m.2 views

DBHcms Cross-Site Scripting Vulnerability (CNVD-2020-49088)

DBHcms is a small, free and open source content management system for personal and small business websites. A stored cross-site scripting vulnerability exists in DBHcms 1.2.0. The vulnerability stems from the failure of a security filter for userlogin to exist in dbhcmsmodmod.users.view.php on li...

4.8CVSS6.1AI score0.00659EPSS
Exploits1References1
Rows per page
Query Builder