Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2018/09/14 7:29 a.m.0 views

CVE-2018-17037

user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3...

8.8CVSS5.8AI score
Exploits0References1
CNVD
CNVDadded 2018/09/14 12:0 a.m.1 views

UCMS Elevation of Privilege Vulnerability

UCMS is a content management system written in PHP. A security vulnerability exists in the user/editpost.php file in UCMS version 1.4.6. An attacker can exploit this vulnerability to elevate an ordinary user's level 1 privileges to a super user's level 3 privileges...

8.8CVSS8.8AI score0.00357EPSS
Exploits1References1
OSV
OSVadded 2016/05/22 1:59 a.m.2 views

UBUNTU-CVE-2015-5715

The mweditPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arrange for a private post to be published and sticky, via unspecified vectors...

4.3CVSS6.6AI score0.28517EPSS
Exploits0References3
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.16 views

MyBB Multiple Cross-Site Scripting and SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13827/info MyBB is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to...

7.1AI score
Exploits0
NVD
NVDadded 2013/08/20 2:55 p.m.9 views

CVE-2013-5320

Cross-site scripting XSS vulnerability in Forums/EditPost.aspx in mojoPortal before 2.3.9.8 allows remote attackers to inject arbitrary web script or HTML via the txtSubject parameter...

4.3CVSS5.7AI score0.00407EPSS
Exploits1References7
Prion
Prionadded 2013/08/20 2:55 p.m.5 views

Cross site scripting

Cross-site scripting XSS vulnerability in Forums/EditPost.aspx in mojoPortal before 2.3.9.8 allows remote attackers to inject arbitrary web script or HTML via the txtSubject parameter...

4.3CVSS6.1AI score0.00407EPSS
Exploits1References7Affected Software1
Prion
Prionadded 2011/02/21 7:0 p.m.14 views

Sql injection

Multiple SQL injection vulnerabilities in VastHTML Forum Server aka ForumPress plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the 1 searchmax parameter in a search action to index.php, which is not properly handled by wpf.class.php, 2 id paramete...

7.5CVSS9.3AI score0.02966EPSS
Exploits1References10Affected Software1
Cvelist
Cvelistadded 2010/12/30 8:0 p.m.14 views

CVE-2010-4522

Multiple cross-site scripting XSS vulnerabilities in MyBB aka MyBulletinBoard 1.4.14, and 1.6.x before 1.6.1, allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 editpost.php, 2 member.php, and 3 newreply.php...

5.7AI score0.00296EPSS
Exploits0References3
Rows per page
Query Builder