CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

282 matches found

CVE•added 2022/06/28 9:15 p.m.•59 views

CVE-2020-19896

CVE-2020-19896 affects Minicms v1.9 and is a file inclusion vulnerability that lets remote attackers execute arbitrary PHP code via the file post-edit.php. The NVD metrics indicate a CVSSv3.1 base score of 9.8 (CRITICAL) with network access, low attack complexity, no user interaction, and impacts...

9.8CVSS9.6AI score0.00705EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/06/28 9:15 p.m.•18 views

CVE-2020-19896

File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitary PHP code via post-edit.php...

9.7AI score0.00705EPSS

Exploits1References1

CNNVD•added 2022/06/28 12:0 a.m.•2 views

MiniCMS 安全漏洞

MiniCMS is to simple personal website content management system. A security vulnerability exists in MiniCMS v1.9. An attacker exploited the vulnerability to execute arbitrary PHP code via late editing...

9.8CVSS8.9AI score0.00705EPSS

Exploits1References2

CNVD•added 2022/06/28 12:0 a.m.•31 views

MiniCMS Cross-Site Request Forgery Vulnerability (CNVD-2022-62184)

MiniCMS is content management system. A cross-site request forgery vulnerability exists in MiniCMS v1.11. An attacker can exploit this vulnerability to delete any local .dat file by clicking a malicious link...

8.1CVSS7.9AI score0.00085EPSS

Exploits1References1

NVD•added 2022/06/24 9:15 p.m.•19 views

CVE-2022-33121

A Cross-Site Request Forgery CSRF in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link...

8.1CVSS0.00085EPSS

Exploits1References1

OSV•added 2022/06/24 9:15 p.m.•13 views

CVE-2022-33121

A Cross-Site Request Forgery CSRF in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link...

8.1CVSS6.8AI score

Exploits0References1

Prion•added 2022/06/24 9:15 p.m.•14 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery CSRF in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link...

5.8CVSS7.9AI score0.00085EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/06/24 8:59 p.m.•17 views

CVE-2022-33121

A Cross-Site Request Forgery CSRF in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link...

8.2AI score0.00085EPSS

Exploits1References1

CVE•added 2022/06/24 8:59 p.m.•83 views

CVE-2022-33121

A CSRF vulnerability in MiniCMS v1.11 allows attackers to delete local .dat files by clicking a malicious link. This has been reported across multiple feeds (including CNVD, Red Hat, NVD/OSV, CVE lists). The root cause is a CSRF in MiniCMS v1.11; there are no public exploit details within the pro...

8.1CVSS7.9AI score0.00085EPSS

Exploits1References1Affected Software1

CNNVD•added 2022/06/24 12:0 a.m.•2 views

MiniCMS 跨站请求伪造漏洞

8.1CVSS5.4AI score0.00085EPSS

Exploits1References2

CNVD•added 2022/06/15 12:0 a.m.•29 views

MiniCMS Cross-Site Scripting Vulnerability (CNVD-2022-58395)

MiniCMS is content management system. A cross-site scripting vulnerability exists in MiniCMS version V1.11, which stems from a lack of checksum filtering of user-supplied and output data on the post-edit.php page. An attacker can exploit this vulnerability to execute JavaScript code on the client...

6.1CVSS6AI score0.00301EPSS

Exploits1References1

CNNVD•added 2022/06/13 12:0 a.m.•2 views

MiniCMS 跨站脚本漏洞

6.1CVSS5.6AI score0.00301EPSS

Exploits1References3

CNVD•added 2022/02/14 12:0 a.m.•28 views

MiniCMS Cross-Site Scripting Vulnerability (CNVD-2022-11519)

MiniCMS is a content management system CMS designed for personal websites. miniCMS has a security vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...

5.4CVSS3.8AI score0.00191EPSS

Exploits1References1

NVD•added 2022/02/10 11:15 p.m.•13 views

CVE-2021-44970

MiniCMS v1.11 was discovered to contain a cross-site scripting XSS vulnerability via /mc-admin/page-edit.php...

5.4CVSS0.00191EPSS

Exploits1References1

OSV•added 2022/02/10 11:15 p.m.•19 views

CVE-2021-44970

MiniCMS v1.11 was discovered to contain a cross-site scripting XSS vulnerability via /mc-admin/page-edit.php...

5.4CVSS6.1AI score

Exploits0References1

Prion•added 2022/02/10 11:15 p.m.•19 views

Cross site scripting

MiniCMS v1.11 was discovered to contain a cross-site scripting XSS vulnerability via /mc-admin/page-edit.php...

3.5CVSS5.4AI score0.00191EPSS

Exploits1References1Affected Software1

CVE•added 2022/02/10 10:39 p.m.•109 views

CVE-2021-44970

MiniCMS v1.11 contains a cross-site scripting (XSS) vulnerability exploitable via /mc-admin/page-edit.php. Multiple connected sources attribute the issue to insufficient validation of client-side data within the web application. Impact details are not fully specified in the provided documents; CV...

5.4CVSS5.3AI score0.00191EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/02/10 10:39 p.m.•17 views

CVE-2021-44970

MiniCMS v1.11 was discovered to contain a cross-site scripting XSS vulnerability via /mc-admin/page-edit.php...

5.6AI score0.00191EPSS

Exploits1References1

CNNVD•added 2022/02/10 12:0 a.m.•2 views

MiniCMS 跨站脚本漏洞

5.4CVSS5.7AI score0.00191EPSS

Exploits1References1

NVD•added 2021/04/28 4:15 p.m.•17 views

CVE-2020-17999

Cross Site Scripting XSS in MiniCMS v1.10 allows remote attackers to execute arbitrary code by injecting commands via a crafted HTTP request to the component "/mc-admin/post-edit.php"...

6.1CVSS0.01993EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by