Lucene search
+L

70 matches found

redhatcve
redhatcve
added 2026/01/07 9:33 a.m.7 views

CVE-2019-16314

Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2...

9.8CVSS7.6AI score0.38732EPSS
Exploits3References1
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-18341

Malware in sbrugna...

8.8CVSS8.8AI score0.02695EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-10054

Malware in sbrugna...

6.1CVSS6.3AI score0.00574EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-10055

Malware in sbrugna...

5.4CVSS5.5AI score0.00503EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-10050

Malware in sbrugna...

8.8CVSS8.7AI score0.00969EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-10053

Malware in sbrugna...

5.7CVSS5.7AI score0.00355EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-10052

Malware in sbrugna...

6.5CVSS6.5AI score0.00425EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-10056

Malware in sbrugna...

6.5CVSS6.5AI score0.01172EPSS
Exploits1References3
redhatcve
redhatcve
added 2025/05/22 4:27 p.m.6 views

CVE-2020-18124

A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords...

5.7CVSS7AI score0.00355EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 4:1 p.m.8 views

CVE-2020-18127

An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files...

6.5CVSS6.8AI score0.01172EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 4:1 p.m.9 views

CVE-2020-18121

A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell...

8.8CVSS6.7AI score0.00969EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 3:16 p.m.9 views

CVE-2020-18125

A reflected cross-site scripting XSS vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS6AI score0.00574EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 3:16 p.m.6 views

CVE-2020-18123

A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts...

6.5CVSS6.9AI score0.00425EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 3:16 p.m.7 views

CVE-2020-18126

Multiple stored cross-site scripting XSS vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS6.1AI score0.00503EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 8:47 a.m.7 views

CVE-2019-8954

In Indexhibit 2.1.5, remote attackers can execute arbitrary code via the v parameter in conjunction with the id parameter in a updjxcode=true action to the ndxzstudio/?a=system URI...

8.8CVSS7.9AI score0.02695EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/31 12:0 a.m.21 views

Indexhibit Cross-Site Scripting Vulnerability (CNVD-2021-67909)

Indexhibit is a web-based content management system. A reflection-based cross-site scripting vulnerability exists in the /plugin/ajax.php component of Indexhibit version 2.1.5. An attacker could use this vulnerability to execute arbitrary web script or HTML...

6.1CVSS3.4AI score0.00574EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/31 12:0 a.m.17 views

Indexhibit Cross-Site Scripting Vulnerability

Indexhibit, a web-based content management system, is vulnerable to a stored cross-site scripting vulnerability in the Sections module in Indexhibit version 2.1.5. An attacker can exploit this vulnerability to execute arbitrary web script or HTML...

5.4CVSS3.2AI score0.00503EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/31 12:0 a.m.12 views

Indexhibit improper access control vulnerability

Indexhibit is a web-based content management system. An improper access control vulnerability exists in the /config/config.php component of Indexhibit version 2.1.5. An attacker could exploit this vulnerability to view arbitrary files...

6.5CVSS5.8AI score0.01172EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/31 12:0 a.m.27 views

Indexhibit Cross-Site Request Forgery Vulnerability (CNVD-2021-67907)

Indexhibit is a web-based content management system. A cross-site request forgery vulnerability exists in Indexhibit version 2.1.5. An attacker can exploit this vulnerability to arbitrarily delete an administrator account...

6.5CVSS6.3AI score0.00425EPSS
Exploits1References1
cnvd
cnvd
added 2021/08/31 12:0 a.m.10 views

Indexhibit Cross-Site Request Forgery Vulnerability

Indexhibit is a web-based content management system. indexhibit version 2.1.5 is vulnerable to cross-site request forgery. An attacker can use this vulnerability to arbitrarily reset the account password...

5.7CVSS4.9AI score0.00355EPSS
Exploits1References1
Rows per page
Query Builder