CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

RedhatCVE•added 2026/02/03 3:18 p.m.•4 views

CVE-2025-70960

A stored cross-site scripting XSS vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

5.4CVSS5.4AI score0.00019EPSS

Exploits1References1

OSV•added 2026/02/02 11:16 p.m.•3 views

PYSEC-2026-138

A stored cross-site scripting XSS vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

5.4CVSS5.9AI score0.00019EPSS

Exploits1References1

OSV•added 2026/02/02 11:16 p.m.•1 views

CVE-2025-70960

A stored cross-site scripting XSS vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

5.4CVSS5.5AI score

Exploits0References1

NVD•added 2026/02/02 11:16 p.m.•2 views

CVE-2025-70960

A stored cross-site scripting XSS vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

5.4CVSS0.00019EPSS

Exploits1References1

CNNVD•added 2026/02/02 12:0 a.m.•3 views

Tendenci 安全漏洞

Tendenci is a membership management software developed by Tendenci Inc. in the United States, primarily used by non-profit organizations and associations. This software supports functions such as member management, content management, event management, and online donation management. Version 15.3...

5.4CVSS5.8AI score0.00019EPSS

Exploits1References2

Vulnrichment•added 2026/02/02 12:0 a.m.•1 views

CVE-2025-70960

A stored cross-site scripting XSS vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

5.4AI score0.00019EPSS

Exploits1References1

ATTACKERKB•added 2026/02/02 12:0 a.m.•1 views

CVE-2025-70960

A stored cross-site scripting XSS vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

5.4AI score0.00019EPSS

Exploits1References2

Positive Technologies•added 2026/02/02 12:0 a.m.•2 views

PT-2026-5706

Name of the Vulnerable Software and Affected Versions Tendenci CMS version 15.3.7 Description A stored cross-site scripting XSS issue exists in the Forums module. This allows attackers to inject a crafted payload and execute arbitrary web scripts or HTML. Recommendations At the moment, there is n...

5.4CVSS5.3AI score0.00019EPSS

Exploits1References5

CVE•added 2026/02/02 12:0 a.m.•5 views

CVE-2025-70960

CVE-2025-70960 concerns a stored XSS in Tendenci CMS, specifically in the Forums module of version v15.3.7. The issue allows an attacker to inject a crafted payload to execute arbitrary web scripts/HTML, with the underlying root cause described as a stored XSS vector. Per the provided metrics, th...

5.4CVSS5.4AI score0.00019EPSS

Exploits1References1Affected Software1

Cvelist•added 2026/02/02 12:0 a.m.•22 views

CVE-2025-70960

A stored cross-site scripting XSS vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

0.00019EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-1540

Malware in sbrugna...

7.5CVSS6.4AI score0.00462EPSS

Exploits1References4

Packet Storm•added 2016/02/22 12:0 a.m.•38 views

Oxwall Forum 1.8.1 Cross Site Scripting

Document Title: =============== Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1740 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID:...

7.4AI score

Exploits0

NVD•added 2008/03/28 6:44 p.m.•7 views

CVE-2008-1539

SQL injection vulnerability in includes/dynamictitles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module...

7.5CVSS8.4AI score0.00462EPSS

Exploits1References3

Prion•added 2008/03/28 6:44 p.m.•12 views

Sql injection

7.5CVSS9.1AI score0.00462EPSS

Exploits1References3Affected Software1

Prion•added 2007/10/24 11:46 p.m.•6 views

Remote file inclusion

PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary PHP code via a URL in the nukebbrootpath parameter...

6.8CVSS8AI score0.03405EPSS

Exploits0References3Affected Software1

securityvulns•added 2006/05/31 12:0 a.m.•83 views

# MHG Security Team --- PHP NUKE All version Remote File Inc.

Milli-Harekat Advisory www.milli-harekat.org PHP-Nuke = All version - Remote File Include Vulnerabilities Risk : High Class: Remote Script : PHP NUKE ALL VERSION Credits : ERNE Thanks : DjReMix,Eskobar,TRIP,Яy KorsaN,OsL3m7,Poizonbox,Dilejyoner and All MHG USERS Vulnerable :...

0.6AI score

Exploits0

Packet Storm•added 2003/03/11 12:0 a.m.•20 views

phpnuke60.2.txt

Informations : °°°°°°°°°°°°°° Language : PHP Website : http://www.phpnuke.org Version : 6.0 & 6.5 RC2 Modules : Forums, PrivateMessages Problem : SQL Injection PHP Code/Location : °°°°°°°°°°°°°°°°°°° /modules/Forums/viewtopic.php :...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by