Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:25 p.m.8 views

CVE-2018-12626

An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter...

6.1CVSS5.8AI score0.00905EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4583

Malware in sbrugna...

6.1CVSS6.3AI score0.00905EPSS
Exploits0References3
OSV
OSV
added 2019/09/05 4:15 p.m.16 views

CVE-2018-11569

Controller/ListController.php in Eventum 3.5.0 is vulnerable to Deserialization of Untrusted Data. Fixed in version 3.5.2...

9.8CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2019/09/05 3:32 p.m.17 views

CVE-2018-11569

Controller/ListController.php in Eventum 3.5.0 is vulnerable to Deserialization of Untrusted Data. Fixed in version 3.5.2...

9.5AI score0.01743EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/12 12:0 a.m.2 views

Eventum Cross-Site Request Forgery Vulnerability

Eventum is a defect tracking system. The system is used to track inbound technical support, organizational tasks, bugs, etc. A cross-site request forgery vulnerability exists in the htdocs/manage/users.php file in Eventum version 3.5.0, which stems from a WEB application that does not adequately...

8.8CVSS6.9AI score0.00657EPSS
Exploits0References1
NVD
NVD
added 2019/07/10 12:15 p.m.16 views

CVE-2018-12626

An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter...

6.1CVSS6AI score0.00905EPSS
Exploits0References2
OSV
OSV
added 2019/07/10 12:15 p.m.10 views

CVE-2018-12623

An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS via the currentpage parameter...

6.1CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2019/07/10 12:15 p.m.15 views

CVE-2018-12628

An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php allows creating another user with admin privileges...

8.8CVSS8.7AI score0.00657EPSS
Exploits0References2
NVD
NVD
added 2019/07/10 12:15 p.m.21 views

CVE-2018-12625

An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter...

6.1CVSS6AI score0.00905EPSS
Exploits0References2
OSV
OSV
added 2019/07/10 12:15 p.m.13 views

CVE-2018-12625

An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter...

6.1CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2019/07/10 12:15 p.m.16 views

CVE-2018-12628

An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php allows creating another user with admin privileges...

8.8CVSS6.9AI score
Exploits0References2
OSV
OSV
added 2019/07/10 12:15 p.m.13 views

CVE-2018-12627

An issue was discovered in Eventum 3.5.0. /htdocs/list.php has XSS via the shownotificationlistissues or showauthorizedissues parameter...

6.1CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2019/07/10 12:15 p.m.17 views

Cross site request forgery (csrf)

An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php allows creating another user with admin privileges...

6.8CVSS8.6AI score0.00657EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/07/10 12:15 p.m.23 views

Code injection

An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS via the currentpage parameter...

4.3CVSS5.9AI score0.00905EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/07/10 12:15 p.m.15 views

Code injection

An issue was discovered in Eventum 3.5.0. /htdocs/list.php has XSS via the shownotificationlistissues or showauthorizedissues parameter...

4.3CVSS5.9AI score0.00905EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/07/10 12:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the fieldname parameter...

4.3CVSS5.9AI score0.00905EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/07/10 12:15 p.m.17 views

Cross site scripting

An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter...

4.3CVSS5.9AI score0.00905EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/07/10 11:45 a.m.36 views

CVE-2018-12628

Eventum 3.5.0 is affected by a CSRF vulnerability in htdocs/manage/users.php that allows an attacker to create another user with admin privileges. This CVE-2018-12628 entry documents the issue and its impact: unauthorized account creation with admin rights via CSRF, enabling partial/high impact c...

8.8CVSS8.6AI score0.00657EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/10 11:44 a.m.19 views

CVE-2018-12626

An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter...

6AI score0.00905EPSS
Exploits0References2
CVE
CVE
added 2019/07/10 11:44 a.m.36 views

CVE-2018-12626

Eventum 3.5.0 is affected by a cross-site scripting vulnerability in /htdocs/popup.php via the cat parameter. Impact is described as client-side code execution with partial integrity impact (per CVE notes). Connected advisories from Red Hat and CNVD/EUVD mirrors confirm the same issue exists in E...

6.1CVSS5.9AI score0.00905EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder