Lucene search
K

30 matches found

Prion
Prion
added 2021/09/07 9:15 p.m.14 views

Directory traversal

Eyoucms 1.5.4 is vulnerable to Directory Traversal. Due to a lack of input data sanitizaton in param tpldir, filename, type, nid an attacker can inject "../" to escape and write file to writeable directories...

5CVSS7.5AI score0.01462EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/09/07 8:15 p.m.36 views

CVE-2021-39497

eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger blind SSRF via the saveRemote function...

9.8CVSS0.02358EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/09/07 8:1 p.m.32 views

CVE-2021-39500

Eyoucms 1.5.4 is vulnerable to Directory Traversal. Due to a lack of input data sanitizaton in param tpldir, filename, type, nid an attacker can inject "../" to escape and write file to writeable directories...

7.7AI score0.01462EPSS
Exploits0References2
CVE
CVE
added 2021/09/07 8:1 p.m.69 views

CVE-2021-39500

CVE-2021-39500 (EyouCMS 1.5.4) is a directory traversal vulnerability caused by a lack of input validation in the parameters tpldir, filename, type, and nid, allowing an attacker to inject "../" to escape and write files to writable directories. Connected sources corroborate the issue across mult...

7.5CVSS7.4AI score0.01462EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.10 views

The vulnerability in the web console of the Apache ActiveMQ software platform allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the Apache ActiveMQ software platform’s web administration consoles is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.4CVSS6.8AI score0.06208EPSS
Exploits0References5Affected Software6
OpenVAS
OpenVAS
added 2015/10/12 12:0 a.m.40 views

WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities - Linux

WordPress is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.8AI score0.08467EPSS
Exploits1References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Habari 0.5.1 'habari_username' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31794/info Habari is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/03/31 12:0 a.m.12 views

Primo Interactive CMS - pcm.cgi Remote Command Execution

Primo Interactive CMS - pcm.cgi Remote Command Execution source: https://www.securityfocus.com/bid/66549/info Primo Interactive CMS is prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input data. An attacker may leverage this...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/08/18 12:0 a.m.26 views

Ovidentia 6.6.5 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30735/info Ovidentia is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/01/07 12:0 a.m.22 views

SynCE 0.92 - vdccm Daemon Remote Command Injection

SynCE 0.92 - vdccm Daemon Remote Command Injection source: https://www.securityfocus.com/bid/27178/info SynCE is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Attackers can exploit this issue to execute arbitrary commands in th...

7.9AI score
Exploits0
Rows per page
Query Builder