CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2018/12/28 4:29 p.m.•12 views

CVE-2018-20565

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/nav.php?rec=update has XSS via the navname parameter...

4.8CVSS4.9AI score0.00235EPSS

NVD•added 2018/12/28 4:29 p.m.•7 views

CVE-2018-20563

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/mobile.php?rec=system&act=update has XSS via the mobilename parameter...

4.8CVSS4.9AI score0.00235EPSS

Prion•added 2018/12/28 4:29 p.m.•13 views

Default credentials

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/nav.php?rec=update has XSS via the navname parameter...

Prion•added 2018/12/28 4:29 p.m.•17 views

Design/Logic Flaw

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?rec=edit has XSS via the pagename parameter...

Prion•added 2018/12/28 4:29 p.m.•16 views

Design/Logic Flaw

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update has XSS via the name parameter...

Prion•added 2018/12/28 4:29 p.m.•9 views

Design/Logic Flaw

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/show.php?rec=update has XSS via the showname parameter...

Prion•added 2018/12/28 4:29 p.m.•9 views

Design/Logic Flaw

An issue was discovered in DouCo DouPHP 1.5 20181221. \install\index.php allows a reload of the product in opportunistic circumstances in which install.lock cannot be read...

5CVSS5.3AI score0.00269EPSS

Prion•added 2018/12/28 4:29 p.m.•13 views

Path traversal

An issue was discovered in DouCo DouPHP 1.5 20181221. It allows full path disclosure in "Smarty error: unable to read resource" error messages for a crafted installation page...

5CVSS5.1AI score0.00366EPSS

Prion•added 2018/12/28 4:29 p.m.•14 views

Design/Logic Flaw

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/articlecategory.php?rec=update has XSS via the catname parameter...

Prion•added 2018/12/28 4:29 p.m.•10 views

Default credentials

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article.php?rec=update has XSS via the title parameter...

Prion•added 2018/12/28 4:29 p.m.•11 views

Design/Logic Flaw

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/mobile.php?rec=system&act=update has XSS via the mobilename parameter...

Prion•added 2018/12/28 4:29 p.m.•12 views

Design/Logic Flaw

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/productcategory.php?rec=update has XSS via the catname parameter...

Cvelist•added 2018/12/28 3:0 p.m.•12 views

CVE-2018-20565

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/nav.php?rec=update has XSS via the navname parameter...

Cvelist•added 2018/12/28 3:0 p.m.•11 views

CVE-2018-20563

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/mobile.php?rec=system&act=update has XSS via the mobilename parameter...

Cvelist•added 2018/12/28 3:0 p.m.•14 views

CVE-2018-20557

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?rec=edit has XSS via the pagename parameter...

CVE•added 2018/12/28 3:0 p.m.•43 views

CVE-2018-20562

Vulnerability summary (CVE-2018-20562): DouCo DouPHP 1.5 (build 20181221) contains a cross-site scripting flaw in admin/article_category.php?rec=update, exploitable through the cat_name parameter. The issue is that user-supplied input can be reflected in the page without proper sanitization, enab...

4.8CVSS4.8AI score0.00235EPSS

Cvelist•added 2018/12/28 3:0 p.m.•14 views

CVE-2018-20567

An issue was discovered in DouCo DouPHP 1.5 20181221. \install\index.php allows a reload of the product in opportunistic circumstances in which install.lock cannot be read...

5.3AI score0.00269EPSS

Cvelist•added 2018/12/28 3:0 p.m.•13 views

CVE-2018-20564

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/productcategory.php?rec=update has XSS via the catname parameter...

Cvelist•added 2018/12/28 3:0 p.m.•11 views

CVE-2018-20559

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update has XSS via the name parameter...