Lucene search
K

4 matches found

CVE
CVE
added 2026/06/17 1:41 p.m.38 views

CVE-2026-9591

CVE-2026-9591 documents a CSRF vulnerability in the SimplCommerce News module. The issue is in the NewsItemApiController and allows an unauthenticated remote attacker to create or modify news items as an administrator by submitting a crafted form to /api/news-items, due to missing anti-CSRF prote...

6.9CVSS5.4AI score0.00197EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/28 12:0 a.m.16 views

Contao 安全漏洞

Contao is an open source Content Management System CMS developed in PHP by Contao Open Source. The system supports search engines, rights management, and CSS frameworks. A security vulnerability exists in Contao version 5.3.38 and versions prior to 5.6.1, which stems from an unfiltered protected...

5.3CVSS6.3AI score0.00281EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2011/08/08 12:0 a.m.73 views

Web Design Sydney SQL Injection

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Web Design Sydney news-item.php?id news-item.php?newsid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.milkdigital.com.au/ Persian Gulf 4 Ever! Dork : "web design sydney...

0.6AI score
Exploits0
NVD
NVD
added 2009/08/24 7:30 p.m.13 views

CVE-2008-7060

Multiple cross-site scripting XSS vulnerabilities in One-News Beta 2 allow remote attackers to inject arbitrary HTML and web script via the 1 title or 2 content parameters in a news item to add.php, and the 3 itemnum, 4 author, or 5 comment parameters in a comment to index.php. NOTE: vectors 1 an...

4.3CVSS5.8AI score0.01109EPSS
Exploits1References4
Rows per page
Query Builder