Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-26700

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/08 12:0 a.m.3 views

appRain CMF SQL Injection Vulnerability (CNVD-2025-21108)

appRain CMF is a content management framework. appRain CMF suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BAdmin%5D%5Busername%5D parameter of /apprain/admin/manage/add. An attacker could use this vulnerability t...

9.8CVSS7.5AI score0.00353EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 11:15 a.m.4 views

CVE-2025-41032

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BAdmin%5D%5Busername%5D' parameter in /apprain/admin/manage/add/...

9.8CVSS5.7AI score
Exploits0References1
NVD
NVD
added 2025/09/04 11:15 a.m.3 views

CVE-2025-41032

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BAdmin%5D%5Busername%5D' parameter in /apprain/admin/manage/add/...

9.8CVSS0.00353EPSS
Exploits0References1
CVE
CVE
added 2025/09/04 11:6 a.m.13 views

CVE-2025-41032

The CVE-2025-41032 entry concerns appRain CMF 4.0.5 with an SQL injection vulnerability in the parameter data[Admin][username] of the /apprain/admin/manage/add/ endpoint. Reported to allow an attacker to retrieve, create, update, and delete data in the back-end database. The vulnerability is desc...

9.8CVSS7.4AI score0.00353EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/09/04 12:0 a.m.3 views

appRain CMF SQL注入漏洞

appRain CMF is a content management framework. appRain CMF suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BAdmin%5D%5Busername%5D parameter of /apprain/admin/manage/add. An attacker could use this vulnerability t...

9.8CVSS7.7AI score0.00353EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/04 12:0 a.m.6 views

PT-2025-35903

Name of the Vulnerable Software and Affected Versions: appRain CMF version 4.0.5 Description: An SQL injection flaw exists in appRain CMF version 4.0.5. This flaw allows an attacker to retrieve, create, update, and delete the database through the data%5BAdmin%5D%5Busername%5D parameter in the...

9.8CVSS7.3AI score0.00353EPSS
Exploits0References3
Prion
Prion
added 2018/06/27 1:29 p.m.15 views

Design/Logic Flaw

joyplus-cms 1.6.0 has XSS in adminplayer.php, related to manager/index.php "system manage" and "add" actions...

4.3CVSS6AI score0.42206EPSS
Exploits1References1Affected Software1
Atlassian
Atlassian
added 2018/04/10 3:18 a.m.34 views

XSS in the agile wallboard gadget through quick filter names - CVE-2017-18100

The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the name of quick filters. h3. Workaround Disable the gadget. - Navigate to Administration Add-ons Manage add-ons and se...

6.1CVSS5.7AI score0.00945EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2011/11/02 9:55 p.m.5 views

CVE-2010-5024

SQL injection vulnerability in manage/adduser.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the userid parameter. NOTE: some of these details are obtained from third party information...

6CVSS6.4AI score0.00975EPSS
Exploits1References7
Rows per page
Query Builder