Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNNVD
CNNVDadded 2024/04/08 12:0 a.m.3 views

CandyCMS 安全漏洞

CandyCMS is a simple PHP CMS open-sourced by Stephen Radford. A security vulnerability exists in CandyCMS version 1.0.0. A remote attacker can exploit this vulnerability to execute arbitrary code via the install.php component...

9.8CVSS7.8AI score0.00948EPSS
Exploits0References2
OSV
OSVadded 2020/12/10 11:15 p.m.2 views

CVE-2020-19527

iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DBNAME parameter to install/install.php...

9.8CVSS6AI score
Exploits0References1
CNVD
CNVDadded 2018/11/02 12:0 a.m.2 views

MiniCMS Arbitrary PHP Code Execution Vulnerability

MiniCMS is a micro content management system designed for personal websites. An arbitrary PHP code execution vulnerability exists in MiniCMS 1.10. An attacker can exploit this vulnerability to execute arbitrary PHP code via the install.php sitename parameter...

9.8CVSS9.8AI score0.0258EPSS
Exploits1References1
BDU FSTEC
BDU FSTECadded 2017/11/10 12:0 a.m.5 views

The vulnerability of the install/index.php script of the Exponent CMS system allows a hacker to execute arbitrary code.

The vulnerability of the Exponent CMS content management system is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the sc parameter in the install/index.php script...

10CVSS8.2AI score0.06636EPSS
Exploits3References7Affected Software1
CNVD
CNVDadded 2015/10/03 12:0 a.m.3 views

Web Reference Database Command Execution Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. A vulnerability in the handling of the 'adminPassword' parameter in the Web Reference Databaseinstall.php script allows remote attackers to...

7.5CVSS7.7AI score0.04817EPSS
Exploits3References1
Exploit DB
Exploit DBadded 2004/07/24 12:0 a.m.26 views

PostNuke 0.7x - Install Script Administrator Password Disclosure

source: https://www.securityfocus.com/bid/10793/info It is reported that PostNuke may disclose administrator authentication credentials to remote attackers. This issue presents itself because the application fails to remove the install script 'install.php' after installation. This can allow an...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2004/07/24 12:0 a.m.15 views

PostNuke 0.7x - Install Script Administrator Password Disclosure

PostNuke 0.7x - Install Script Administrator Password Disclosure source: https://www.securityfocus.com/bid/10793/info It is reported that PostNuke may disclose administrator authentication credentials to remote attackers. This issue presents itself because the application fails to remove the...

0.1AI score
Exploits0
Rows per page
Query Builder