CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/02/06 5:16 a.m.•3 views

CVE-2026-1978

7.5CVSS0.00044EPSS

Cvelist•added 2026/02/06 4:2 a.m.•23 views

CVE-2026-1978 kalyan02 NanoCMS User Information pagesdata.txt direct request

6.9CVSS0.00044EPSS

Vulnrichment•added 2026/02/06 4:2 a.m.•4 views

CVE-2026-1978 kalyan02 NanoCMS User Information pagesdata.txt direct request

6.9CVSS5AI score0.00044EPSS

CNNVD•added 2026/02/06 12:0 a.m.•2 views

NanoCMS 安全漏洞

NanoCMS is a lightweight content management system developed by kalyan02. Versions of NanoCMS prior to 0.4 contained security vulnerabilities, which were caused by incorrect handling of the file/data/pagesdata.txt, potentially leading to direct requests...

7.5CVSS6.1AI score0.00044EPSS

Positive Technologies•added 2026/02/06 12:0 a.m.•3 views

PT-2026-6672

Name of the Vulnerable Software and Affected Versions kalyan02 NanoCMS versions up to 0.4 Description A flaw exists in kalyan02 NanoCMS that allows for remote request manipulation. The issue is related to an unknown functionality within the /data/pagesdata.txt file of the User Information Handler...

6.9CVSS5.3AI score0.00044EPSS

Exploits0References10

OSV•added 2026/01/13 11:15 p.m.•1 views

CVE-2022-50898

NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution through unvalidated page content creation. Authenticated attackers can upload PHP files with arbitrary code to the server's pages directory by exploiting the page creation mechanism without proper...

8.6CVSS6.6AI score

Exploits0References4

NVD•added 2026/01/13 11:15 p.m.•1 views

CVE-2022-50898

8.8CVSS0.00485EPSS

Vulnrichment•added 2026/01/13 10:51 p.m.•1 views

CVE-2022-50898 NanoCMS 0.4 - Remote Code Execution (RCE) (Authenticated)

8.8CVSS8AI score0.00485EPSS

CVE•added 2026/01/13 10:51 p.m.•12 views

CVE-2022-50898

NanoCMS 0.4 is affected by an authenticated file upload vulnerability that enables remote code execution through the page content creation feature. The root cause is lack of input sanitization when uploading PHP files to the server’s pages directory, which can be exploited after authentication. R...

8.8CVSS8AI score0.00485EPSS

Exploits1References4Affected Software1

Cvelist•added 2026/01/13 10:51 p.m.•19 views

CVE-2022-50898 NanoCMS 0.4 - Remote Code Execution (RCE) (Authenticated)

8.8CVSS0.00485EPSS

CNNVD•added 2026/01/13 12:0 a.m.•1 views

NanoCMS 代码注入漏洞

NanoCMS is a lightweight content management system by kalyan02 individual developer. A code injection vulnerability exists in NanoCMS version 0.4, which stems from an unauthenticated file upload vulnerability in the page content creation feature that could lead to remote code execution...

8.8CVSS6.2AI score0.00485EPSS

Positive Technologies•added 2026/01/13 12:0 a.m.•1 views

PT-2026-2374

8.8CVSS8.3AI score0.00485EPSS

Exploits1References5

Exploit DB•added 2022/08/01 12:0 a.m.•569 views

NanoCMS v0.4 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: NanoCMS v0.4 - Remote Code Execution RCE Authenticated Date: 2022-07-26 Exploit Auuthor: p1ckzi Vendor Homepage: https://github.com/kalyan02/NanoCMS Version: NanoCMS v0.4 Tested on: Linux Mint 20.3 CVE: N/A Description: this script uploads a php reverse shell to the target. NanoCMS...

7.4AI score

Exploits0

Packet Storm•added 2022/08/01 12:0 a.m.•370 views

NanoCMS 0.4 Remote Code Execution

Exploits0

0day.today•added 2022/08/01 12:0 a.m.•434 views

NanoCMS v0.4 - Remote Code Execution (Authenticated) Exploit

Exploit Title: NanoCMS v0.4 - Remote Code Execution RCE Authenticated Exploit Auuthor: p1ckzi Vendor Homepage: https://github.com/kalyan02/NanoCMS Version: NanoCMS v0.4 Tested on: Linux Mint 20.3 CVE: N/A Description: this script uploads a php reverse shell to the target. NanoCMS does not sanitis...

0.1AI score

Exploits0

OpenVAS•added 2009/04/16 12:0 a.m.•20 views

NanoCMS Detection

This host is running NanoCMS, a content management system. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score

OpenVAS•added 2009/04/16 12:0 a.m.•110 views

NanoCMS '/data/pagesdata.txt' Password Hash Information Disclosure Vulnerability

NanoCMS is prone to an information disclosure vulnerability because it fails to validate access to sensitive files. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

6.8AI score

OpenVAS•added 2009/04/16 12:0 a.m.•20 views

NanoCMS Detection

This host is running NanoCMS, a content management system. OpenVAS Vulnerability Test $Id: nanocmsdetect.nasl 5737 2017-03-27 14:18:12Z cfi $ NanoCMS Detection Authors: Michael Meyer Copyright: Copyright c 2009 Greenbone Networks GmbH This program is free software; you can redistribute it and/or...

7.3AI score

OpenVAS•added 2009/04/16 12:0 a.m.•2240 views

NanoCMS '/data/pagesdata.txt' Password Hash Information Disclosure Vulnerability

NanoCMS is prone to an information-disclosure vulnerability because it fails to validate access to sensitive files. An attacker can exploit this vulnerability to obtain sensitive information that may lead to further attacks. NanoCMS 0.4final is vulnerable; other versions may also be affected...

6.7AI score