CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-14285

Malware in sbrugna...

6.1CVSS6.3AI score0.00264EPSS

Exploits1References4

OSV•added 2025/06/30 5:15 p.m.•1 views

CVE-2025-6916

A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748B20211015. This affects the function FormLogin of the file /formLoginAuth.htm. The manipulation of the argument authCode/goURL leads to missing authentication. The attack needs to be initiated within the local...

8.7CVSS5.3AI score0.00215EPSS

Exploits1References5

RedhatCVE•added 2025/05/22 5:47 p.m.•4 views

CVE-2020-21517

Cross Site Scripting XSS vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php...

6.1CVSS6AI score0.00264EPSS

Exploits1

CNVD•added 2025/04/14 12:0 a.m.•5 views

YzmCMS Cross-Site Scripting Vulnerability

YzmCMS is an open source CMS Content Management System. A cross-site scripting vulnerability exists in YzmCMS. The vulnerability stems from improper handling of the gourl parameter in message.tpl, which can be exploited by attackers to cause cross-site scripting attacks...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References1

CNNVD•added 2025/04/08 12:0 a.m.•1 views

Yzmcms 安全漏洞

6.1CVSS6.2AI score0.0024EPSS

Exploits1References6

Positive Technologies•added 2025/04/08 12:0 a.m.•2 views

PT-2025-15314 · Yzmcms · Yzmcms

Name of the Vulnerable Software and Affected Versions: YzmCMS version 7.1 Description: A problematic vulnerability has been found, allowing for cross-site scripting through the manipulation of the gourl argument in an unknown function of the file message.tpl. This can be exploited remotely...

6.1CVSS4.3AI score0.0024EPSS

Exploits1References11

OSV•added 2021/06/21 3:15 p.m.•0 views

CVE-2020-21517

Cross Site Scripting XSS vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php...

6.1CVSS5.8AI score

Exploits0References3

Prion•added 2021/06/21 3:15 p.m.•13 views

Cross site scripting

Cross Site Scripting XSS vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php...

4.3CVSS6AI score0.00264EPSS

Exploits1References3Affected Software1

Cvelist•added 2021/06/21 2:55 p.m.•14 views

CVE-2020-21517

Cross Site Scripting XSS vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php...

6AI score0.00264EPSS

Exploits1References3

CVE•added 2021/06/21 2:55 p.m.•38 views

CVE-2020-21517

MetInfo 7.0.0 is affected by a Cross‑Site Scripting (XSS) vulnerability exploitable via the gourl parameter in login.php. The issue is identified as CVE-2020-21517. Provided sources consistently describe the vulnerable entry as MetInfo’s login flow accepting gourl input that can be manipulated to...

6.1CVSS6AI score0.00264EPSS

Exploits1References3Affected Software1

CNNVD•added 2021/06/21 12:0 a.m.•2 views

Metinfo 跨站脚本漏洞

MetInfo is a Content Management System CMS developed using PHP and Mysql. A cross-site scripting vulnerability exists in MetInfo. The vulnerability can be exploited to conduct cross-site scripting attacks via the gourl parameter in login.php...

6.1CVSS5.2AI score0.00264EPSS

Exploits1References3

OSV•added 2017/07/28 5:29 a.m.•2 views

CVE-2017-11718

There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php...

6.1CVSS5.8AI score

Exploits0References1