Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-26463

Malware in sbrugna...

4.8CVSS5AI score0.03008EPSS
Exploits5References7
RedhatCVE
RedhatCVE
added 2025/05/22 7:41 p.m.6 views

CVE-2021-3111

The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI...

4.8CVSS5.5AI score0.03008EPSS
Exploits5References1
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.299 views

Concrete5 8.5.4 - 'name' Stored XSS

Exploit Title: Concrete5 8.5.4 - 'name' Stored XSS Date: 2021-01 Exploit Author: Quadron Research Lab Version: Concrete5 8.5.4 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: Concrete5 CMS https://www.concrete5.org CVE: CVE-2021-3111 Suggested description The Express Entries Dashboard...

4.8CVSS5.6AI score0.03008EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/03/29 12:0 a.m.366 views

Concrete5 8.5.4 Cross Site Scripting

Exploit Title: Concrete5 8.5.4 - 'name' Stored XSS Date: 2021-01 Exploit Author: Quadron Research Lab Version: Concrete5 8.5.4 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: Concrete5 CMS https://www.concrete5.org CVE: CVE-2021-3111 Suggested description The Express Entries Dashboard...

3.5CVSS0.03008EPSS
Exploits5
OSV
OSV
added 2021/01/08 3:15 p.m.4 views

CVE-2021-3111

The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI...

4.8CVSS6AI score0.03008EPSS
Exploits5References5
Prion
Prion
added 2021/01/08 3:15 p.m.16 views

Cross site scripting

The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI...

3.5CVSS4.7AI score0.03008EPSS
Exploits5References5Affected Software1
CVE
CVE
added 2021/01/08 2:18 p.m.105 views

CVE-2021-3111

CVE-2021-3111 affects Concrete5 CMS 8.5.4, with a stored XSS in the Express Entries Dashboard (name field at index.php/dashboard/express/entries/view/). Root cause: insufficient input filtering of the name field. Public disclosures and PoCs exist (Exploit-DB, PacketStorm); no remediation/version ...

4.8CVSS5AI score0.03008EPSS
Exploits5References5Affected Software1
Cvelist
Cvelist
added 2021/01/08 2:18 p.m.41 views

CVE-2021-3111

The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI...

5.4AI score0.03008EPSS
Exploits5References5
Rows per page
Query Builder