Lucene search
K

127 matches found

NVD
NVD
added 2025/08/25 7:15 p.m.6 views

CVE-2025-9415

A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available...

9.8CVSS0.00316EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/08/25 7:2 p.m.11 views

CVE-2025-9415 GreenCMS index.php unrestricted upload

A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available...

6.5CVSS0.00316EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/08/25 7:2 p.m.3 views

CVE-2025-9415 GreenCMS index.php unrestricted upload

A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available...

6.5CVSS7.1AI score0.00316EPSS
Exploits1References4
OSV
OSV
added 2025/08/25 7:2 p.m.4 views

CVE-2025-9415 GreenCMS index.php unrestricted upload

A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available...

5.3CVSS6.3AI score0.00316EPSS
Exploits1References6
CVE
CVE
added 2025/08/25 7:2 p.m.15 views

CVE-2025-9415

GreenCMS ≤ 2.3.0603 contains an unrestricted file upload vulnerability in index.php?m=admin&c=media&a=fileconnect via manipulation of the upload[] parameter. The issue allows remote exploitation and is linked to publicly available exploits. It affects products no longer maintained. Remediation: u...

9.8CVSS7.1AI score0.00316EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/08/25 12:0 a.m.4 views

GreenCMS 安全漏洞

GreenCMS is an open source content management system CMS developed by GreenCMS based on ThinkPHP. A security vulnerability exists in GreenCMS 2.3.0603 and earlier versions, which stems from the incorrect operation of the parameter upload in the file/index.php?m=admin&c=media&a=fileconnect,...

9.8CVSS6.5AI score0.00316EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.5 views

PT-2025-34699

Name of the Vulnerable Software and Affected Versions: GreenCMS versions prior to 2.3.0604 Description: A vulnerability exists in GreenCMS that allows for unrestricted file upload. The issue is located in an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. Manipulation of the...

9.8CVSS6.4AI score0.00316EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/23 9:34 a.m.7 views

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install=index=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.6AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:42 p.m.8 views

CVE-2022-28918

GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via /index.php?m=admin=custom=plugindelhandlename=...

8.1CVSS7.5AI score0.0103EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 p.m.7 views

CVE-2020-21366

Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...

8CVSS7.1AI score0.00325EPSS
Exploits1
NVD
NVD
added 2024/01/29 8:15 p.m.19 views

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.3AI score0.00277EPSS
Exploits0References1
OSV
OSV
added 2024/01/29 8:15 p.m.2 views

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.9AI score0.00277EPSS
Exploits0References1
Prion
Prion
added 2024/01/29 8:15 p.m.11 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

4.9CVSS5.7AI score0.00277EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/29 12:0 a.m.21 views

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4AI score0.00277EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/29 12:0 a.m.2 views

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.7AI score0.00277EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/29 12:0 a.m.4 views

GreenCMS Cross-Site Scripting Vulnerability

GreenCMS is a content management system CMS developed on ThinkPHP. A cross-site scripting vulnerability exists in GreenCMS v2.3, which originated from a vulnerability that allows attackers to execute arbitrary web script or HTML via a specially crafted payload...

5.4CVSS6AI score0.00277EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/29 12:0 a.m.4 views

PT-2024-19491 · Greencms · Greencms

Name of the Vulnerable Software and Affected Versions: GreenCMS version 2.3 Description: A stored cross-site scripting XSS issue exists in the /install.php?m=install&c=index&a=step3 endpoint of GreenCMS, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.4AI score0.00277EPSS
Exploits0References3
CVE
CVE
added 2024/01/29 12:0 a.m.42 views

CVE-2024-22570

GreenCMS v2.3 contains a stored XSS in the /install.php?m=install&c=index&a=step3 endpoint. The vulnerability allows attackers to inject arbitrary scripts via a crafted payload, with impact on visiting users who load the affected page. The CVE notes a stored XSS scenario; the current connected so...

5.4CVSS5.2AI score0.00277EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/06/20 3:15 p.m.22 views

CVE-2020-21366

Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...

8CVSS8AI score0.00325EPSS
Exploits1References1
OSV
OSV
added 2023/06/20 3:15 p.m.3 views

CVE-2020-21366

Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...

8CVSS5.8AI score0.00325EPSS
Exploits1References1
Rows per page
Query Builder