CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability was found in DolphinPHP up to 1.5.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file common.php of the component Incomplete Fix CVE-2021-46097. The manipulation of the argument id leads to os command injection. The attack ca...

9.8CVSS6.8AI score0.05105EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 11:19 p.m.•0 views

CVE-2022-37254

DolphinPHP 1.5.1 is vulnerable to Cross Site Scripting XSS via Background - System - system function - configuration management...

5.4CVSS6.1AI score0.00209EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:16 p.m.•5 views

CVE-2022-1086

A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

5.4CVSS6.1AI score0.00281EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 6:54 p.m.•5 views

CVE-2021-46097

Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.phpactionlog...

8.8CVSS7.7AI score0.02364EPSS

Exploits1

NVD•added 2023/02/21 10:15 a.m.•9 views

CVE-2023-0935

9.8CVSS7.8AI score0.05105EPSS

Exploits1References3

OSV•added 2023/02/21 10:15 a.m.•15 views

CVE-2023-0935

9.8CVSS7.5AI score

Exploits0References3

Prion•added 2023/02/21 10:15 a.m.•14 views

Command injection

6.5CVSS9.1AI score0.05105EPSS

Exploits2References3Affected Software1

Vulnrichment•added 2023/02/21 9:19 a.m.•7 views

CVE-2023-0935 DolphinPHP Incomplete Fix CVE-2021-46097 common.php os command injection

6.5CVSS9.9AI score0.05105EPSS

Exploits1References3

CVE•added 2023/02/21 9:19 a.m.•59 views

CVE-2023-0935

CVE-2023-0935 affects DolphinPHP (up to 1.5.1) and stems from handling of the parameter id in the file common.php , enabling remote OS command injection . The issue is linked to an “Incomplete Fix CVE-2021-46097” and has had an exploit disclosed publicly; the associated vulnerability ID is VDB-22...

9.8CVSS7.8AI score0.05105EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/02/21 9:19 a.m.•14 views

CVE-2023-0935 DolphinPHP Incomplete Fix CVE-2021-46097 common.php os command injection

6.5CVSS9.9AI score0.05105EPSS

Exploits1References3

CNNVD•added 2023/02/21 12:0 a.m.•3 views

DolphinPHP 操作系统命令注入漏洞

DolphinPHP is an open source Php rapid development framework based on ThinkPhp 5.1.34 Lts. An OS command injection vulnerability exists in DolphinPHP version 1.5.1 and earlier versions, which stems from incorrect manipulation of the parameter id leading to os command injection...

9.8CVSS7AI score0.05105EPSS

Exploits1References4

Positive Technologies•added 2023/02/21 12:0 a.m.•1 views

PT-2023-16623 · Unknown · Dolphinphp

Name of the Vulnerable Software and Affected Versions: DolphinPHP versions up to 1.5.1 Description: A critical issue was found in DolphinPHP, affecting an unknown functionality of the file common.php. The manipulation of the id argument leads to os command injection. This issue can be exploited...

9.8CVSS7.5AI score0.05105EPSS

Exploits1References5

NVD•added 2022/08/19 5:15 p.m.•7 views

CVE-2022-37254

DolphinPHP 1.5.1 is vulnerable to Cross Site Scripting XSS via Background - System - system function - configuration management...

5.4CVSS0.00209EPSS

Exploits1References1

OSV•added 2022/08/19 5:15 p.m.•10 views

CVE-2022-37254

DolphinPHP 1.5.1 is vulnerable to Cross Site Scripting XSS via Background - System - system function - configuration management...

5.4CVSS6AI score

Exploits0References1