Lucene search

67 matches found

Cvelist
added 2012/11/26 11:0 p.m., 32 views

CVE-2010-5285

Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote attackers to hijack the authentication of administrators for requests that add administrative users via the edituser action...

AI score: 7, EPSS: 0.01334
Exploits: 1, References: 5

NVD
added 2012/10/06 9:55 p.m., 10 views

CVE-2012-0987

Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the icmsConfigPluginssanitizerplugins parameter...

CVSS: 6, AI score: 6.7, EPSS: 0.01518
Exploits: 2, References: 7

securityvulns
added 2009/08/25 12:0 a.m., 42 views

Cuteflow Version 2.10.3 "edituser.php" Security Bypass Vulnerability

It's possible to edit the users, including the admin account, bypassing the authentication through the address: http://localhost/cuteflow/pages/edituser.php?userid=1&language=pt&sortby=strLastName&sortdir=ASC&start=1 The vulnerability is caused due to the application not properly restricting access ...

AI score: 2.1
Exploits: 0

Prion
added 2009/06/19 6:0 p.m., 13 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.40.4 and 1.40.7 allow remote attackers to inject arbitrary web script or HTML via the (1) menu or (2) sort parameter to pivot/index.php, (3) the value of a check array parameter in a delete action to pivot/index.php, (4) the element name in a...

CVSS: 4.3, AI score: 6.1, EPSS: 0.04089
Exploits: 1, References: 9, Affected Software: 1

Cvelist
added 2009/06/19 5:32 p.m., 22 views

CVE-2009-2133

Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.40.4 and 1.40.7 allow remote attackers to inject arbitrary web script or HTML via the (1) menu or (2) sort parameter to pivot/index.php, (3) the value of a check array parameter in a delete action to pivot/index.php, (4) the element name in a...

AI score: 5.7, EPSS: 0.04089
Exploits: 1, References: 9

Prion
added 2006/02/20 10:2 p.m., 18 views

Cross site scripting

Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML tags with a trailing "" character by some web browsers but bypasses the blacklist protection in (1) the pnVarCleanFromInput function in pnAPI.php, (2) the pnSecureInput...

CVSS: 2.6, AI score: 5.9, EPSS: 0.02128
Exploits: 1, References: 7, Affected Software: 1

NVD
added 2006/02/20 10:2 p.m., 28 views

CVE-2006-0800

Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML tags with a trailing "" character by some web browsers but bypasses the blacklist protection in (1) the pnVarCleanFromInput function in pnAPI.php, (2) the pnSecureInput...

CVSS: 2.6, AI score: 5.7, EPSS: 0.02128
Exploits: 1, References: 7