Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/16 3:25 p.m.7 views

CVE-2020-37236

NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the title parameter in the news addition interface. Attackers can inject JavaScript payloads via the title field in the admin panel that...

6.4CVSS5.7AI score0.00235EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-11233

Malware in sbrugna...

6.5CVSS6.6AI score0.00422EPSS
Exploits1References2
NVD
NVD
added 2018/11/26 7:29 a.m.21 views

CVE-2018-19544

JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news...

6.5CVSS6.5AI score0.00422EPSS
Exploits1References1
OSV
OSV
added 2018/11/26 7:29 a.m.5 views

CVE-2018-19544

JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news...

6.5CVSS5.8AI score0.00422EPSS
Exploits1References1
Prion
Prion
added 2018/11/26 7:29 a.m.13 views

Cross site request forgery (csrf)

JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news...

4.3CVSS6.5AI score0.00422EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/11/26 12:0 a.m.3 views

JEECMS Cross-Site Request Forgery Vulnerability (CNVD-2018-26785)

JEECMS is a set of China Jinlei technology development company using Java language development of content management system CMS. A cross-site request forgery vulnerability exists in JEECMS version 9.3. A remote attacker can exploit this vulnerability to add news with the help of...

6.5CVSS6.6AI score0.00422EPSS
Exploits1References1
0day.today
0day.today
added 2010/10/04 12:0 a.m.19 views

Jax Calender admin bypass vulnerability

Exploit for php platform in category web applications ======================================= Jax Calender admin bypass vulnerability ======================================= Exploit Title: Jax Calender admin bypass vulnerability Date: 3.10.2010 Author: EraGoN Software Link:...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2003/03/31 12:0 a.m.41 views

Новости

Product: Новости Version: 1.0 OffSite: http://xonix.ru Problem: Добавление новостей -------------------------------------- Можно добавлять новости без авторизации. http://target/admin/script.php?data=ENTERTHISYOURNEWS. Пример: http://target/admin/script.php?data=script.php?data=? system$cmd ? зат...

7.2AI score
Exploits0
Rows per page
Query Builder