Lucene search
K

412 matches found

CVE
CVE
added 2020/03/12 1:4 p.m.50 views

CVE-2020-10407

The issue is a reflected XSS in Chadha PHPKB Standard Multi-Language 9 caused by how URIs are parsed in admin/header.php. The cve description notes it can be triggered in admin/edit-news.php by appending a payload after a question mark. Red Hat entries corroborate the URI-based XSS pattern affect...

4.8CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:3 p.m.51 views

CVE-2020-10397

CVE-2020-10397 affects Chadha PHPKB Standard Multi-Language 9. The issue is a Reflected XSS in URI handling within admin/header.php, exploitable via admin/add-news.php by appending a question mark ? followed by payload. The Red Hat connected records corroborate a pattern of Reflected XSS in admin...

4.8CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
0day.today
0day.today
added 2020/03/09 12:0 a.m.181 views

60CycleCMS - (news.php) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: 60CycleCMS 2.5.2 - 'news.php' SQL Injection Exploit Author: Unkn0wn Vendor Homepage: http://davidvg.com/ Software Link: https://www.opensourcecms.com/60cyclecms Version: 2.5.2 Tested on: Ubuntu CVE : N/A...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/03/09 12:0 a.m.154 views

60CycleCMS 2.5.2 SQL Injection

Exploit Title: 60CycleCMS 2.5.2 - 'news.php' SQL Injection Google Dork: N/A Date: 2020-03-07 Exploit Author: Unkn0wn Vendor Homepage: http://davidvg.com/ Software Link: https://www.opensourcecms.com/60cyclecms Version: 2.5.2 Tested on: Ubuntu CVE : N/A...

Exploits0
Exploit DB
Exploit DB
added 2020/03/09 12:0 a.m.177 views

60CycleCMS - 'news.php' SQL Injection

Exploit Title: 60CycleCMS - 'news.php' Multiple vulnerability Google Dork: N/A Date: 2020-02-10 Exploit Author: Unkn0wn Vendor Homepage: http://davidvg.com/ Software Link: https://www.opensourcecms.com/60cyclecms Version: 2.5.2 Tested on: Ubuntu CVE : N/A...

7.4AI score
Exploits0
Prion
Prion
added 2018/09/05 9:29 p.m.12 views

Design/Logic Flaw

An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter...

4.3CVSS5.9AI score0.00947EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/09/05 9:0 p.m.17 views

CVE-2018-16361

An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter...

6AI score0.00947EPSS
Exploits1References2
Prion
Prion
added 2018/08/06 3:29 p.m.23 views

Cross site scripting

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS...

3.5CVSS5.2AI score0.00534EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/08/06 3:0 p.m.23 views

CVE-2018-14974

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS...

5.2AI score0.00534EPSS
Exploits1References1
CVE
CVE
added 2018/08/06 3:0 p.m.48 views

CVE-2018-14974

CVE-2018-14974 affects QCMS 3.0.1, with a cross-site scripting (XSS) flaw in upload/System/Controller/backend/news.php. CNVD describes remote exploitation to inject arbitrary script/HTML; CVSS3 base score 4.8 (MEDIUM). No remediation details provided in the supplied documents.

4.8CVSS5.2AI score0.00534EPSS
Exploits1References1Affected Software1
Openbugbounty
Openbugbounty
added 2018/07/19 10:15 p.m.6 views

onehealthinitiative.com XSS vulnerability

Open Bug Bounty ID: OBB-650599 Description| Value ---|--- Affected Website:| onehealthinitiative.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
exploitpack
exploitpack
added 2018/06/15 12:0 a.m.47 views

Dimofinf CMS 3.0.0 - Cross-Site Scripting

Dimofinf CMS 3.0.0 - Cross-Site Scripting Title: Dimofinf CMS 3.0.0 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-06-13 Software: Dimofinf CMS Version 3.0.0 CVE: CVE-2018-12094 A Reflected Cross-Site Scripting web vulnerability has been discovered in the "Dimofinf CMS"...

3.5CVSS0.2AI score0.0175EPSS
Exploits5
Openbugbounty
Openbugbounty
added 2018/06/13 3:0 p.m.8 views

education.gov.ag XSS vulnerability

Open Bug Bounty ID: OBB-631160 Description| Value ---|--- Affected Website:| education.gov.ag Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
CNVD
CNVD
added 2018/06/12 12:0 a.m.2 views

Dimofinf CMS Cross-Site Scripting Vulnerability

Dimofinf CMS is an Arabic content management system CMS written in PHP. A cross-site scripting vulnerability exists in the news.php file in Dimofinf CMS version 3.0.0. The vulnerability can be exploited by a remote attacker to inject arbitrary web script or HTML with the help of the 'id' paramete...

5.4CVSS6AI score0.0175EPSS
Exploits5References1
Prion
Prion
added 2018/06/11 11:29 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in news.php in Dimofinf CMS Version 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

3.5CVSS5.3AI score0.0175EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2018/06/11 11:0 a.m.28 views

CVE-2018-12094

Cross-site scripting XSS vulnerability in news.php in Dimofinf CMS Version 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

5.3AI score0.0175EPSS
Exploits5References2
Openbugbounty
Openbugbounty
added 2018/06/02 5:28 p.m.12 views

mail.crpn.cn XSS vulnerability

Open Bug Bounty ID: OBB-626080 Description| Value ---|--- Affected Website:| mail.crpn.cn Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Prion
Prion
added 2018/05/26 3:29 p.m.14 views

Design/Logic Flaw

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...

4.3CVSS5.9AI score0.00802EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/05/26 3:29 p.m.19 views

CVE-2018-11487

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...

6.1CVSS6AI score0.00802EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/05/26 3:0 p.m.16 views

CVE-2018-11487

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...

6.1AI score0.00802EPSS
Exploits0References1
Rows per page
Query Builder