Lucene search
K

27 matches found

redhatcve
redhatcve
added 2025/05/22 4:1 p.m.8 views

CVE-2020-18121

A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell...

8.8CVSS6.7AI score0.00969EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 3:16 p.m.8 views

CVE-2020-18125

A reflected cross-site scripting XSS vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS6AI score0.00574EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 3:16 p.m.7 views

CVE-2020-18126

Multiple stored cross-site scripting XSS vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS6.1AI score0.00503EPSS
Exploits1
nvd
nvd
added 2021/08/30 6:15 p.m.20 views

CVE-2020-18124

A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords...

5.7CVSS0.00355EPSS
Exploits1References1
nvd
nvd
added 2021/08/30 6:15 p.m.24 views

CVE-2020-18126

Multiple stored cross-site scripting XSS vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS0.00503EPSS
Exploits1References1
nvd
nvd
added 2021/08/30 6:15 p.m.17 views

CVE-2020-18123

A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts...

6.5CVSS0.00425EPSS
Exploits1References1
nvd
nvd
added 2021/08/30 6:15 p.m.17 views

CVE-2020-18121

A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell...

8.8CVSS0.00969EPSS
Exploits1References1
nvd
nvd
added 2021/08/30 6:15 p.m.24 views

CVE-2020-18127

An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files...

6.5CVSS0.01172EPSS
Exploits1References2
prion
prion
added 2021/08/30 6:15 p.m.15 views

Design/Logic Flaw

An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files...

4CVSS6.4AI score0.01172EPSS
Exploits1References2Affected Software1
prion
prion
added 2021/08/30 6:15 p.m.15 views

Design/Logic Flaw

A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell...

6.5CVSS8.4AI score0.00969EPSS
Exploits1References1Affected Software1
prion
prion
added 2021/08/30 6:15 p.m.10 views

Cross site scripting

A reflected cross-site scripting XSS vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

4.3CVSS6AI score0.00574EPSS
Exploits1References1Affected Software1
prion
prion
added 2021/08/30 6:15 p.m.13 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts...

4.3CVSS6.5AI score0.00425EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/08/30 4:4 p.m.25 views

CVE-2020-18125

A reflected cross-site scripting XSS vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

6AI score0.00574EPSS
Exploits1References1
cve
cve
added 2021/08/30 4:4 p.m.44 views

CVE-2020-18125

CVE-2020-18125 is a reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5. The issue allows attackers to execute arbitrary web scripts or HTML. Evidence from connected documents confirms the affected product (Indexhibit 2.1.5) and the vulnerable ...

6.1CVSS6AI score0.00574EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/08/30 4:4 p.m.19 views

CVE-2020-18121

A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell...

8.5AI score0.00969EPSS
Exploits1References1
cve
cve
added 2021/08/30 4:4 p.m.38 views

CVE-2020-18124

CVE-2020-18124 is a CSRF vulnerability in Indexhibit 2.1.5 that allows an attacker to arbitrarily reset user passwords. The connected documents confirm the affected software and the underlying issue (cross-site request forgery enabling password resets). There is no explicit information here about...

5.7CVSS5.5AI score0.00355EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/08/30 4:4 p.m.20 views

CVE-2020-18124

A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords...

5.6AI score0.00355EPSS
Exploits1References1
cvelist
cvelist
added 2021/08/30 4:4 p.m.22 views

CVE-2020-18123

A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts...

6.5AI score0.00425EPSS
Exploits1References1
cve
cve
added 2021/08/30 4:4 p.m.40 views

CVE-2020-18123

The CVE-2020-18123 entries describe a CSRF vulnerability in Indexhibit 2.1.5 that allows an attacker to arbitrarily delete administrator accounts. Affected software: Indexhibit 2.1.5 (web-based CMS). Underlying issue: cross-site request forgery enabling unauthorized admin deletion. Impact: admini...

6.5CVSS6.4AI score0.00425EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/08/30 4:4 p.m.28 views

CVE-2020-18126

Multiple stored cross-site scripting XSS vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

5.5AI score0.00503EPSS
Exploits1References1
Rows per page
Query Builder