Lucene search
+L

358 matches found

OSV
OSV
added 2019/07/18 3:15 p.m.5 views

CVE-2019-9230

An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting XSS vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script o...

6.1CVSS6.4AI score0.0103EPSS
Exploits0References1
Prion
Prion
added 2019/07/18 3:15 p.m.19 views

Cross site scripting

An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting XSS vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script o...

4.3CVSS6AI score0.0103EPSS
Exploits0References1Affected Software4
NVD
NVD
added 2019/01/03 7:29 p.m.8 views

CVE-2018-19414

Multiple cross-site scripting XSS vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the 1 keyword parameter to groups.php; 2 username parameter to login.php; or 3 date parameter to search.php...

6.1CVSS6.1AI score0.02218EPSS
Exploits2References3
OSV
OSV
added 2019/01/03 7:29 p.m.4 views

CVE-2018-19414

Multiple cross-site scripting XSS vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the 1 keyword parameter to groups.php; 2 username parameter to login.php; or 3 date parameter to search.php...

6.1CVSS5.8AI score0.02218EPSS
Exploits2References3
OSV
OSV
added 2018/12/31 3:29 p.m.20 views

CVE-2018-19902

No-CMS 1.1.3 is prone to Persistent XSS via the blog/managearticle "keyword" parameter...

4.8CVSS5.8AI score0.00559EPSS
Exploits1References1
CVE
CVE
added 2018/12/31 3:0 p.m.37 views

CVE-2018-19902

Vulnerability summary (CVE-2018-19902): No-CMS 1.1.3 is susceptible to a Persistent XSS attack via the blog/manage_article page, specifically through the keyword parameter. The available records indicate the issue is a stored/reflected-like XSS path focused on this input vector, but do not provid...

4.8CVSS4.8AI score0.00559EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/12/31 3:0 p.m.22 views

CVE-2018-19902

No-CMS 1.1.3 is prone to Persistent XSS via the blog/managearticle "keyword" parameter...

4.9AI score0.00559EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/29 12:0 a.m.5 views

WUZHI CMS SQL Injection Vulnerability (CNVD-2019-03304)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in the coreframe/app/coupon/admin/copyfrom.php file in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerabili...

9.8CVSS10AI score0.01537EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/19 12:0 a.m.8 views

S-CMS SQL Injection Vulnerability (NVD-C-2018-125521)

S-CMS is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise to provide solutions to build a station of the product. The search.php in S-CMS 1.5 has a SQL injection vulnerability, which can be exploited by an attacker through the keyword parameter to perform a SQL injecti...

7.5CVSS8AI score0.01079EPSS
Exploits0References1
OSV
OSV
added 2018/11/17 3:29 p.m.2 views

CVE-2018-19331

An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter...

7.5CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2018/11/17 3:0 p.m.25 views

CVE-2018-19331

An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter...

7.8AI score0.01079EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/13 12:0 a.m.8 views

S-CMS Cross-Site Scripting Vulnerability

S-CMS is a content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in the search.php file in S-CMS version 1.5, which can be exploited by remote attackers to inject arbitrary Web script or HTML with the help of the 'keyword' parameter...

6.1CVSS6AI score0.00692EPSS
Exploits1References1
Prion
Prion
added 2018/11/09 11:29 p.m.19 views

Cross site scripting

An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter...

4.3CVSS6AI score0.00692EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/11/09 11:29 p.m.5 views

CVE-2018-19145

An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter...

6.1CVSS5.8AI score0.00692EPSS
Exploits1References1
Prion
Prion
added 2018/10/29 12:29 p.m.20 views

Cross site scripting

DedeCMS 5.7 SP2 allows XSS via the /member/uploadsselect.php f or keyword parameter...

4.3CVSS6AI score0.00675EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/10/29 12:0 a.m.5 views

DedeCMS Cross-Site Scripting Vulnerability (CNVD-2019-01728)

DedeCMS is a PHP-based web content management system CMS. A cross-site scripting vulnerability exists in the /member/uploadsselect.php file in DedeCMS version 5.7 SP2, which can be exploited by a remote attacker with the help of the 'f' or 'keyword' parameter to A remote attacker can use the 'f' ...

6.1CVSS6.1AI score0.00675EPSS
Exploits1References1
Prion
Prion
added 2018/09/03 12:29 a.m.16 views

Cross site scripting

PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...

4.3CVSS6AI score0.00707EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/09/03 12:29 a.m.15 views

CVE-2018-16371

PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...

6.1CVSS6.1AI score0.00707EPSS
Exploits1References1
OSV
OSV
added 2018/09/03 12:29 a.m.4 views

CVE-2018-16372

The issue was discovered in IdeaCMS through 2016-04-30. There is reflected XSS via the index.php?c=content&a=search kw parameter. NOTE: this product is discontinued...

6.1CVSS5.8AI score0.00655EPSS
Exploits0References1
OSV
OSV
added 2018/09/03 12:29 a.m.18 views

CVE-2018-16371

PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...

6.1CVSS5.9AI score
Exploits0References1
Rows per page
Query Builder