CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

412 matches found

CNVD•added 2026/05/07 12:0 a.m.•7 views

XATABoost CMS SQL Injection Vulnerability

XATABoost CMS is a content management system from XATABoost that provides website content publishing and management functions. A SQL injection vulnerability exists in XATABoost CMS version 1.0.0. The vulnerability stems from the application's lack of validation of externally entered SQL statement...

8.8CVSS5.9AI score0.00323EPSS

Exploits0

Vulnrichment•added 2026/04/29 7:24 p.m.•3 views

CVE-2018-25300 XATABoost CMS 1.0.0 SQL Injection via news.php

XATABoost CMS 1.0.0 contains a union-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id parameter. Attackers can send GET requests to news.php with malicious id values to extract sensitive database informatio...

8.8CVSS5.7AI score0.00323EPSS

Exploits0References3

ATTACKERKB•added 2026/02/03 4:52 p.m.•3 views

CVE-2020-37111

60CycleCMS 2.5.2 contains a cross-site scripting XSS vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. Attackers can craft malicious URLs with XSS payloads targeting the 'etsu' and 'ltsu' parameters to execute arbitrary scripts in victim's browser...

6.1CVSS5.7AI score0.00255EPSS

Exploits1References4Affected Software1

CVE•added 2026/02/03 4:52 p.m.•9 views

CVE-2020-37110

60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows manipulation of database queries via unvalidated input (e.g., the 'title' parameter). Impact includes potential data extraction or modification (confidentiality and integrity). Root cause: unvalida...

9.8CVSS5.2AI score0.00349EPSS

Exploits1References3Affected Software1

CNNVD•added 2026/02/03 12:0 a.m.•7 views

60CycleCMS SQL注入漏洞

60CycleCMS is an open-source content management system developed by 60CycleCMS. Version 2.5.2 of 60CycleCMS has a SQL injection vulnerability. This vulnerability stems from SQL injections in the news.php and common/lib.php files, which could allow attackers to manipulate database queries with...

9.8CVSS5.9AI score0.00349EPSS

Exploits1References3