Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.6 views

CVE-2020-10375

An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...

5.5CVSS6.7AI score0.00307EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.7 views

CVE-2025-23628

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NewMediaOne GeoDigs geodigs allows Reflected XSS.This issue affects GeoDigs: from n/a through = 3.4.1...

7.1CVSS7.2AI score0.0022EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-2830

Malware in sbrugna...

5.5CVSS5.6AI score0.00307EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2018-10538

Malware in sbrugna...

9.8CVSS9.5AI score0.01587EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-3297

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 a.m.7 views

CVE-2018-17556

MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action...

5.4CVSS5.6AI score0.00588EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/01/23 4:15 p.m.4 views

CVE-2025-23628

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NewMediaOne GeoDigs geodigs allows Reflected XSS.This issue affects GeoDigs: from n/a through = 3.4.1...

7.2AI score0.0022EPSS
Exploits0References3
NVD
NVD
added 2025/01/23 4:15 p.m.10 views

CVE-2025-23628

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NewMediaOne GeoDigs geodigs allows Reflected XSS.This issue affects GeoDigs: from n/a through = 3.4.1...

7.1CVSS0.0022EPSS
Exploits0References1
Prion
Prion
added 2023/05/08 9:15 p.m.17 views

Design/Logic Flaw

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...

5CVSS7.5AI score0.45713EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/05/08 8:56 p.m.30 views

CVE-2023-31133 Ghost vulnerable to disclosure of private API fields

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...

7.5CVSS7.3AI score0.45713EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.4 views

SUSE CVE-2020-10375

An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...

5.5CVSS6.9AI score0.00307EPSS
Exploits1References3
Openbugbounty
Openbugbounty
added 2022/06/02 11:28 a.m.16 views

median.newmediacaucus.org Cross Site Scripting vulnerability OBB-2635146

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2021/02/05 8:15 p.m.2 views

CVE-2020-10375

An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...

5.5CVSS6.1AI score0.00307EPSS
Exploits1References2
NVD
NVD
added 2021/02/05 8:15 p.m.18 views

CVE-2020-10375

An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...

5.5CVSS0.00307EPSS
Exploits1References2
CVE
CVE
added 2021/02/05 7:26 p.m.50 views

CVE-2020-10375

CVE-2020-10375 affects New Media Smarty before 9.10. The issue is that passwords are stored in an obfuscated format that can be easily reversed, with the obfuscated values located in the file data.mdb (second column). This is explicitly noted as unrelated to the popular Smarty template engine pro...

5.5CVSS5.4AI score0.00307EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/02/05 7:26 p.m.25 views

CVE-2020-10375

An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...

5.5AI score0.00307EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/02/05 12:0 a.m.7 views

Smarty Media New Media Smarty Security Breach

Smarty Media New Media Smarty is a software for demand management practices from Smarty Media, a German company This product is provided to anesthesiologists, psychotherapists, psychiatrists, neurologists and physicians who specialize in demand management practices. A security vulnerability exist...

5.5CVSS6AI score0.00307EPSS
Exploits1References3
0day.today
0day.today
added 2018/10/31 12:0 a.m.27 views

Grapixel New Media 2 - pageref SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Grapixel New Media 2 - 'pageref' SQL Injection Exploit Author: Berk Dusunur Vendor Homepage: http://www.grapixel.com Software Link: http://www.grapixel.com Affected Version: v2 Tested on: MacosX CVE : N/A Proof Of Concept...

0.2AI score
Exploits0
OSV
OSV
added 2018/10/30 6:29 a.m.0 views

CVE-2018-18822

Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter...

9.8CVSS5.8AI score0.01587EPSS
Exploits1References1
Prion
Prion
added 2018/10/30 6:29 a.m.12 views

Sql injection

Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter...

7.5CVSS9.8AI score0.01587EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder