CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability was found in BoyunCMS up to 1.4.20 and classified as critical. Affected by this issue is some unknown functionality of the file /application/user/controller/Index.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The...

6.5CVSS7.1AI score0.00301EPSS

Exploits0References4

Cvelist•added 2025/07/07 12:2 a.m.•8 views

CVE-2025-7100 BoyunCMS Index.php unrestricted upload

6.5CVSS0.00301EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 7:39 a.m.•2 views

CVE-2024-31008

An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file...

6.5CVSS7.5AI score0.00175EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 5:38 p.m.•6 views

CVE-2020-36037

An issue was disocvered in wuzhicms version 4.1.0, allows remote attackers to execte arbitrary code via the setting parameter to the ueditor in index.php...

8.8CVSS7.5AI score0.00394EPSS

Exploits1

RedhatCVE•added 2025/05/22 7:17 a.m.•4 views

CVE-2017-10667

In index.php in Zen Cart 1.6.0, the productsid parameter can cause XSS...

6.1CVSS6.9AI score0.00223EPSS

Exploits0References1

OSV•added 2018/06/29 5:29 a.m.•12 views

CVE-2018-12988

GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an index.php?m=admin&c=media&a=downfile URI...

7.5CVSS7.3AI score

Exploits0References1

seebug.org•added 2014/07/01 12:0 a.m.•15 views

IF-CMS Index.PHP Cross-Site Scripting Vulnerability

No description provided by source...

7.1AI score

Exploits0

seebug.org•added 2011/01/19 12:0 a.m.•22 views

CmsEasp 2.0.0 LFI vulnerability

易通企业网站系统也称易通企业网站程序，是易通公司开发中国首套免费提供企业网站模板的营销型企业网站管理系统，系统前台生成html、完全符合SEO、同时有在线客服、潜在客户跟踪、便捷企业网站模板制作、搜索引擎推广等功能的企业网站系统。 CmsEasp 2.0.0 null http://server/index.php?case=../../../../../../../../../../../../../../../../etc/passwd%00...

7.1AI score

Exploits0

Exploit DB•added 2010/06/28 12:0 a.m.•23 views

Clix'N'Cash Clone 2010 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/41202/info Clix'N'Cash Clone 2010 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access ...

7.4AI score

Exploits0

Packet Storm•added 2010/06/23 12:0 a.m.•25 views

Linker IMG 1.0 Remote File Inclusion

|| || | || o,7 || . o7 || 4||| ow, : / / | 1 1 0 I'm Sn!pEr.S!Te Hacker member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 ------------------------------------------------------------ Remote File Inclusion Vulnerability...

0.2AI score

Exploits0

seebug.org•added 2009/10/14 12:0 a.m.•21 views

AdaptBB 1.0 xss

No description provided by source. | D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |' [email protected] '--''--''--' = ADAPTBB 1.0 XSS | | "q" PARMETER IN INDEX.PHP @...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by