11 matches found
CVE-2026-4563
A weakness has been identified in MacCMS up to 2025.1000.4052. This vulnerability affects the function orderinfo of the file application/index/controller/User.php of the component Member Order Detail Interface. This manipulation of the argument orderid causes authorization bypass. It is possible ...
CVE-2022-27887
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter...
EUVD-2020-13860
Malware in sbrugna...
EUVD-2022-32375
Malicious code in bioql PyPI...
CVE-2025-10397 Magicblack MacCMS API server-side request forgery
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and might be used...
CVE-2024-32391
Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote attacker to execute arbitrary code via a crafted payload...
CVE-2021-43707
Cross-site scripting (XSS) vulnerability exists in Maccms v10 via linkName parameter...
CVE-2020-21082
A cross-site scripting (XSS) vulnerability in the background administrator article management module of Maccms 8.0 allows attackers to steal administrator and user cookies via crafted payloads in the text fields for Chinese and English names...
Maccms cross-site request forgery vulnerability
Maccms is a PHP-based film and television content management system (CMS). Maccms version 10 has a security vulnerability that can be exploited by an authenticated attacker to delete all users via "admin.php/admin/admin/del/ids/<id>.html"...
Maccms cross-site scripting vulnerability
A security vulnerability exists in Maccms, a PHP-based film and television content management system (CMS), due to a failure to validate data in the Chinese and English fields in the product's backend administrator post management module. An attacker can obtain administrator and user cookies throug...
maccms chicken-upload vulnerability and a fix-vulnerability warning-the black bar safety net
A small program, inadvertently see by the way it looked under ./ admin/editor/upload.php requireonce "../adminconn.php"; $action=be"get","action"; $ftypes=array'jpg','gif','bmp','png',". jpeg"; $upfileDir= "../". $SESSION"upfolder" . the "/" . getSavePicPath . "/"; $maxSize=1 0 0 0; if!...