
11 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-0407

Malware in sbrugna...

9.8 CVSS, 9.3 AI score, 0.03332 EPSS
Exploits 1, References 5

GitHub Security Blog
added 2018/08/21 5:3 p.m., 24 views

Privilege Escalation due to Blind NoSQL Injection in flintcms

Versions of flintcms before version 1.1.10 are vulnerable to account takeover due to blind MongoDB injection in the password reset. Recommendation Update to version 1.1.10 or later...

9.8 CVSS, 4.3 AI score, 0.03332 EPSS
Exploits 1, References 4, Affected Software 1

OSV
added 2018/08/21 5:3 p.m., 16 views

GHSA-JHQ3-57XH-6643 Privilege Escalation due to Blind NoSQL Injection in flintcms

Versions of flintcms before version 1.1.10 are vulnerable to account takeover due to blind MongoDB injection in the password reset. Recommendation Update to version 1.1.10 or later...

9.8 CVSS, 9.7 AI score, 0.03332 EPSS
Exploits 1, References 4

CNVD
added 2018/08/21 12:0 a.m., 1 views

Flintcms Privilege Vulnerability

flintcms is a content management system (CMS). A privilege escalation vulnerability exists in flintcms 1.1.9 and earlier versions. An attacker can exploit this vulnerability to compromise an account...

9.8 CVSS, 9.1 AI score, 0.03332 EPSS
Exploits 1, References 1

Prion
added 2018/08/17 1:29 p.m., 17 views

Design/Logic Flaw

A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset...

7.5 CVSS, 9.7 AI score, 0.03332 EPSS
Exploits 1, References 1, Affected Software 1

NVD
added 2018/08/17 1:29 p.m., 11 views

CVE-2018-3783

A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset...

9.8 CVSS, 9.8 AI score, 0.03332 EPSS
Exploits 1, References 1

OSV
added 2018/08/17 1:29 p.m., 14 views

CVE-2018-3783

A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset...

9.8 CVSS, 7.4 AI score
Exploits 0, References 1

Cvelist
added 2018/08/17 1:0 p.m., 15 views

CVE-2018-3783

A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset...

9.9 AI score, 0.03332 EPSS
Exploits 1, References 1

CVE
added 2018/08/17 1:0 p.m., 50 views

CVE-2018-3783

CVE-2018-3783 applies to FlintCMS. Several advisories confirm a privilege escalation vulnerability in FlintCMS versions

9.8 CVSS, 9.7 AI score, 0.03332 EPSS
Exploits 1, References 1, Affected Software 1

Veracode
added 2018/08/16 7:40 a.m., 18 views

Query Injection

flintcms is vulnerable to privilege escalation attacks. The library does not sanitize user input, allowing a malicious user to inject and execute arbitrary MongoDB queries through the password reset page...

9.8 CVSS, 9.7 AI score, 0.03332 EPSS
Exploits 1, References 2, Affected Software 1

HackerOne
added 2018/07/25 8:41 p.m., 50 views

Node.js third-party modules: [flintcms] Account takeover due to blind MongoDB injection in password reset

I would like to report a privilege escalation vulnerability in flintcms. It allows to reset a known user password, extract its password reset token and reset its password to then access the account. Module module name: flintcms version: v.1.1.9 npm page: https://www.npmjs.com/package/flintcms...

7.5 CVSS, 10 AI score, 0.03332 EPSS
Exploits 1