70 matches found
CVE-2019-16314
Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2...
EUVD-2019-18341
Malware in sbrugna...
EUVD-2020-10054
Malware in sbrugna...
EUVD-2020-10055
Malware in sbrugna...
EUVD-2020-10050
Malware in sbrugna...
EUVD-2020-10053
Malware in sbrugna...
EUVD-2020-10052
Malware in sbrugna...
EUVD-2020-10056
Malware in sbrugna...
CVE-2020-18124
A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords...
CVE-2020-18127
An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files...
CVE-2020-18121
A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell...
CVE-2020-18125
A reflected cross-site scripting XSS vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...
CVE-2020-18123
A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts...
CVE-2020-18126
Multiple stored cross-site scripting XSS vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...
CVE-2019-8954
In Indexhibit 2.1.5, remote attackers can execute arbitrary code via the v parameter in conjunction with the id parameter in a updjxcode=true action to the ndxzstudio/?a=system URI...
Indexhibit Cross-Site Scripting Vulnerability (CNVD-2021-67909)
Indexhibit is a web-based content management system. A reflection-based cross-site scripting vulnerability exists in the /plugin/ajax.php component of Indexhibit version 2.1.5. An attacker could use this vulnerability to execute arbitrary web script or HTML...
Indexhibit Cross-Site Scripting Vulnerability
Indexhibit, a web-based content management system, is vulnerable to a stored cross-site scripting vulnerability in the Sections module in Indexhibit version 2.1.5. An attacker can exploit this vulnerability to execute arbitrary web script or HTML...
Indexhibit improper access control vulnerability
Indexhibit is a web-based content management system. An improper access control vulnerability exists in the /config/config.php component of Indexhibit version 2.1.5. An attacker could exploit this vulnerability to view arbitrary files...
Indexhibit Cross-Site Request Forgery Vulnerability (CNVD-2021-67907)
Indexhibit is a web-based content management system. A cross-site request forgery vulnerability exists in Indexhibit version 2.1.5. An attacker can exploit this vulnerability to arbitrarily delete an administrator account...
Indexhibit Cross-Site Request Forgery Vulnerability
Indexhibit is a web-based content management system. indexhibit version 2.1.5 is vulnerable to cross-site request forgery. An attacker can use this vulnerability to arbitrarily reset the account password...