Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

282 matches found

Packet Storm
Packet Stormadded 2026/02/02 12:0 a.m.134 views

📄 MiniCMS 1.11 Exploitation Toolkit

This toolkit focuses on validating and demonstrating the impact of a known and documented design flaw in MiniCMS 1.11 related to its build process CVE-2018-1000638. MiniCMS relies on an insecure build.php script that blindly packages filesystem contents into install.php without enforcing integrit...

6.1CVSS5.8AI score0.00801EPSS
Exploits3
RedhatCVE
RedhatCVEadded 2026/01/09 12:19 p.m.2 views

CVE-2018-10423

mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article...

4CVSS6.9AI score0.0018EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:18 p.m.7 views

CVE-2018-10424

mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field...

4CVSS6.7AI score0.00228EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:11 p.m.8 views

CVE-2018-18890

MiniCMS 1.10 allows full path disclosure via /mc-admin/post.php?state=delete= with an invalid filename...

5.3CVSS6.9AI score0.00366EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:10 p.m.7 views

CVE-2018-18891

MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete= because the authentication check occurs too late...

7.5CVSS7.1AI score0.0038EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:28 a.m.2 views

CVE-2021-33387

Cross Site Scripting Vulnerability in MiniCMS v.1.10 allows attacker to execute arbitrary code via a crafted get request...

9.6CVSS7.2AI score0.00653EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/06 5:7 a.m.1 views

CVE-2025-15458

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS6.5AI score0.00241EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/06 5:7 a.m.3 views

CVE-2025-15457

A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The...

7.5CVSS6.4AI score0.00241EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/06 4:10 a.m.3 views

CVE-2025-15455

A flaw has been found in bg5sbk MiniCMS up to 1.8. Impacted is the function deletepage of the file /minicms/mc-admin/page.php of the component File Recovery Request Handler. This manipulation causes improper authentication. The attack is possible to be carried out remotely. The exploit has been...

6.9CVSS6.4AI score0.0005EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/06 4:10 a.m.3 views

CVE-2025-15456

A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. Such manipulation leads to improper authentication. The attack may be performed from remote. The exploit has been...

7.5CVSS6.1AI score0.00125EPSS
Exploits1References1
OSV
OSVadded 2026/01/05 5:15 a.m.1 views

CVE-2025-15458

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS6.6AI score
Exploits0References4
NVD
NVDadded 2026/01/05 5:15 a.m.5 views

CVE-2025-15458

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS0.00241EPSS
Exploits1References4
OSV
OSVadded 2026/01/05 5:15 a.m.3 views

CVE-2025-15457

A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The...

9.8CVSS6.5AI score
Exploits0References4
NVD
NVDadded 2026/01/05 5:15 a.m.3 views

CVE-2025-15457

A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The...

9.8CVSS0.00241EPSS
Exploits1References4
OSV
OSVadded 2026/01/05 5:15 a.m.3 views

CVE-2025-15456

A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. Such manipulation leads to improper authentication. The attack may be performed from remote. The exploit has been...

7.5CVSS6.2AI score
Exploits0References4
NVD
NVDadded 2026/01/05 5:15 a.m.2 views

CVE-2025-15456

A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. Such manipulation leads to improper authentication. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00125EPSS
Exploits1References4
Cvelist
Cvelistadded 2026/01/05 5:2 a.m.27 views

CVE-2025-15458 bg5sbk MiniCMS Article post-edit.php improper authentication

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS0.00241EPSS
Exploits1References4
CVE
CVEadded 2026/01/05 5:2 a.m.5 views

CVE-2025-15458

CVE-2025-15458 affects bg5sbk MiniCMS

9.8CVSS7.2AI score0.00241EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/05 5:2 a.m.1 views

CVE-2025-15458 bg5sbk MiniCMS Article post-edit.php improper authentication

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS6.2AI score0.00241EPSS
Exploits1References4
CVE
CVEadded 2026/01/05 4:32 a.m.11 views

CVE-2025-15457

CVE-2025-15457 affects bg5sbk MiniCMS up to version 1.8. The vulnerability resides in the Trash File Restore Handler in the unknown function within the file "/minicms/mc-admin/post.php" and causes improper authentication. It can be exploited remotely and a public exploit exists; the vendor was co...

9.8CVSS7.1AI score0.00241EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder