Lucene search
K

156 matches found

Cvelist
Cvelist
added 2022/09/30 5:5 p.m.20 views

CVE-2021-33354

Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers to perform arbitrary file deletions via modified file parameter...

8.3AI score0.01332EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/09/30 12:0 a.m.5 views

HTMLy 路径遍历漏洞

HTMLy is a PHP-based open source blogging platform. A path traversal vulnerability exists in HTMLy versions prior to 2.8.1. A remote attacker can exploit this vulnerability to delete arbitrary files with the help of modified file parameters...

8.1CVSS7.9AI score0.01332EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/09/30 12:0 a.m.6 views

PT-2022-10230 · Htmly · Htmly

Name of the Vulnerable Software and Affected Versions: htmly versions prior to 2.8.1 Description: The issue allows remote attackers to perform arbitrary file deletions via a modified file parameter. This is a Directory Traversal vulnerability, which enables attackers to access files outside the...

8.1CVSS8AI score0.01332EPSS
Exploits1References5
NVD
NVD
added 2022/08/26 1:15 p.m.37 views

CVE-2021-40285

htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php...

8.1CVSS0.00855EPSS
Exploits1References1
Prion
Prion
added 2022/08/26 1:15 p.m.14 views

Arbitrary file deletion

htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php...

5.5CVSS8.2AI score0.00855EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/08/26 12:50 p.m.25 views

CVE-2021-40285

htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php...

8.4AI score0.00855EPSS
Exploits1References1
CVE
CVE
added 2022/08/26 12:50 p.m.58 views

CVE-2021-40285

htmly v2.8.1 contains an arbitrary file deletion vulnerability in the component \views\backup.html.php. Affected software: htmly 2.8.1. Root cause: arbitrary file deletion via the backup page component. Impact per CVSS: I and A HIGH, with availability impact also HIGH (per NVD metrics). Exploitat...

8.1CVSS8.1AI score0.00855EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/08/26 12:0 a.m.7 views

PT-2022-11210 · Htmly · Htmly

Name of the Vulnerable Software and Affected Versions: htmly version 2.8.1 Description: The issue is related to an arbitrary file deletion vulnerability. It affects the component viewsbackup.html.php. There is no information provided about the estimated number of potentially affected devices...

8.1CVSS7.9AI score0.00855EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/08/26 12:0 a.m.4 views

HTMLy 路径遍历漏洞

HTMLy is a PHP-based open source blogging platform. HTMLy v2.8.1 version of a path traversal vulnerability, the vulnerability stems from the presence of arbitrary file deletion in its viewsackup.html.php component...

8.1CVSS6.9AI score0.00855EPSS
Exploits1References2
CNVD
CNVD
added 2022/04/01 12:0 a.m.19 views

HTMLy cross-site scripting vulnerability (CNVD-2022-82257)

HTMLy is an open source database-free PHP blogging platform. A cross-site scripting vulnerability exists in HTMLy version 2.8.1, which originates from the presence of the "copyright" field in the /admin/config page. The vulnerability can be exploited to execute malicious code, manipulate pages to...

4.8CVSS5AI score0.0055EPSS
Exploits2References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.19 views

HTMLy cross-site scripting vulnerability (CNVD-2022-82256)

HTMLy is an open source database-free PHP blogging platform. A cross-site scripting vulnerability exists in HTMLy version 2.8.1, which originates from the "description" field in the admin/config and index.php pages. The vulnerability can be exploited to execute malicious code, manipulate pages to...

4.8CVSS5AI score0.00595EPSS
Exploits1References1
NVD
NVD
added 2022/03/31 6:15 p.m.17 views

CVE-2021-42946

A Cross Site Scripting XSS vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page...

4.8CVSS0.0055EPSS
Exploits1References1
OSV
OSV
added 2022/03/31 6:15 p.m.19 views

CVE-2021-42946

A Cross Site Scripting XSS vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page...

4.8CVSS5.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/31 6:15 p.m.4 views

CVE-2021-42946

A Cross Site Scripting XSS vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page...

4.8CVSS5.8AI score0.0055EPSS
Exploits1References2
NVD
NVD
added 2022/03/31 6:15 p.m.12 views

CVE-2021-42867

A Cross Site Scripting XSS vulnerability exists in DanPros htmly 2.8.1 via the Description field in 1 admin/config, and 2 index.php pages...

4.8CVSS0.00595EPSS
Exploits1References2
OSV
OSV
added 2022/03/31 6:15 p.m.17 views

CVE-2021-42867

A Cross Site Scripting XSS vulnerability exists in DanPros htmly 2.8.1 via the Description field in 1 admin/config, and 2 index.php pages...

4.8CVSS5.9AI score
Exploits0References2
Prion
Prion
added 2022/03/31 6:15 p.m.9 views

Cross site scripting

A Cross Site Scripting XSS vulnerability exists in DanPros htmly 2.8.1 via the Description field in 1 admin/config, and 2 index.php pages...

3.5CVSS4.9AI score0.00595EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/03/31 6:15 p.m.16 views

Cross site scripting

A Cross Site Scripting XSS vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page...

3.5CVSS4.9AI score0.0055EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/03/31 5:53 p.m.23 views

CVE-2021-42946

A Cross Site Scripting XSS vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page...

5.2AI score0.0055EPSS
Exploits1References1
CVE
CVE
added 2022/03/31 5:53 p.m.68 views

CVE-2021-42946

CVE-2021-42946 describes a Cross Site Scripting (XSS) vulnerability in HTMLy 2.8.1 that can be triggered through the “copyright” field on the /admin/config page. The connected sources confirm the affected product and location of the vulnerability, but do not provide explicit details on root cause...

4.8CVSS4.9AI score0.0055EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder