33 matches found
Naviwebs Navigate CMS 路径遍历漏洞
Naviwebs Navigate CMS is an open-source content management system developed by Naviwebs Inc. In the version 2.8.5 of Naviwebs Navigate CMS, there is a path traversal vulnerability. This vulnerability stems from the injection of directory traversal sequences in the id parameter, which may allow...
Naviwebs Navigate CMS SQL Injection Vulnerability
Naviwebs Navigate CMS is an open-source content management system developed by Naviwebs Inc. In the version 2.8.7 of Naviwebs Navigate CMS, there is a SQL injection vulnerability. This vulnerability stems from the sidx parameter in the comments, which allows for SQL injections, potentially leadin...
EUVD-2021-23057
Malware in sbrugna...
EUVD-2021-23056
Malware in sbrugna...
CVE-2021-36454
Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...
Exploit for Server-Side Request Forgery in Naviwebs Navigate_Cms
It is an exploit module targeting Apache HTTP Server. The targe...
Naviwebs Navigate CMS Directory Traversal (CVE-2018-17553)
A directory traversal vulnerability exists in Naviwebs Navigate CMS. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
Naviwebs Navigate CMS 跨站脚本漏洞
Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. Naviwebs Navigate CMS suffers from a cross-site scripting vulnerability that originates from a lack of proper validation of client-side data by the WEB application. An attacker can...
CVE-2021-36454
Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...
Cross site scripting
Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...
Sql injection
SQL Injection vulnerability in Naviwebs Navigate CMS 2.9 via the quicksearch parameter in \lib\packages\comments\comments.php...
CVE-2021-36455
SQL Injection vulnerability in Naviwebs Navigate CMS 2.9 via the quicksearch parameter in \lib\packages\comments\comments.php...
CVE-2021-36455
CVE-2021-36455 affects Naviwebs Navigate CMS 2.9. The vulnerability is a SQL Injection in the quicksearch parameter of lib/packages/comments/comments.php, caused by insufficient input filtering. Documents confirm the affected product/version and root cause; no explicit exploitation details are pr...
CVE-2021-36454
Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...
CVE-2021-36454
Navigate CMS 2.9 is affected by a cross-site scripting (XSS) vulnerability (CVE-2021-36454) exploitable via the navigate-quickse parameter in multiple files (e.g., backups.php, blocks.php, brands.php, comments.php, coupons.php, feeds.php, functions.php, items.php, menus.php, orders.php, payment_m...
Naviwebs Navigate CMS Authorization Issues Vulnerability
Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A security vulnerability exists in the password recovery feature in Naviwebs Navigate CMS version 2.9 r1433, which originates from a notfound message being returned when the user name o...
Naviwebs Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-35980)
Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A cross-site scripting vulnerability exists in Naviwebs Navigate CMS version 2.9 r1433. The vulnerability stems from a lack of proper validation of client-side data by the WEB...
Unspecified Vulnerability in Naviwebs Navigate CMS
Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A security vulnerability exists in Naviwebs Navigate CMS 2.9 r1433, which originates from the program storing sessions and related information e.g. CSRF tokens in plaintext files in...
Naviwebs Navigate CMS Authorization Issue Vulnerability (CNVD-2020-35977)
Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A security vulnerability exists in Naviwebs Navigate CMS version 2.9 r1433, which originated when the program resets passwords, allowing users to continue setting passwords even if an...
Naviwebs Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-35976)
Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A cross-site scripting vulnerability exists in the query parameter 'fid' in the navigation.php file in Naviwebs Navigate CMS version 2.9 r1433. The vulnerability stems from the WEB...