Lucene search
K

23 matches found

NVD
NVD
added 2022/03/01 2:15 a.m.12 views

CVE-2022-25018

Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...

8.8CVSS0.02516EPSS
Exploits1References3
NVD
NVD
added 2022/03/01 2:15 a.m.15 views

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

5.4CVSS0.01166EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2022/03/01 2:15 a.m.29 views

CVE-2022-25018

Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...

8.8CVSS7.5AI score0.02516EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2022/03/01 2:15 a.m.27 views

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

5.4CVSS6.2AI score0.01166EPSS
Exploits1References5
Prion
Prion
added 2022/03/01 2:15 a.m.18 views

Cross site scripting

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

3.5CVSS5.3AI score0.01166EPSS
Exploits2References4Affected Software1
Prion
Prion
added 2022/03/01 2:15 a.m.14 views

Design/Logic Flaw

Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...

6.5CVSS9.1AI score0.02516EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2022/03/01 1:26 a.m.117 views

CVE-2022-25020

CVE-2022-25020 affects PluXML v5.8.7: an XSS vulnerability allows arbitrary web scripts/HTML via a crafted payload in the thumbnail path of a blog post. Affected component: thumbnail handling in PluXML; underlying cause per description is improper handling of input in the thumbnail path. Impact s...

5.4CVSS5.2AI score0.01166EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/03/01 1:26 a.m.65 views

CVE-2022-25020

Removed by vendor...

5.4CVSS5.5AI score0.01166EPSS
Exploits1
Cvelist
Cvelist
added 2022/03/01 1:26 a.m.22 views

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

5.4AI score0.01166EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/03/01 1:25 a.m.20 views

CVE-2022-25018

Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...

9.3AI score0.02516EPSS
Exploits1References3
OSV
OSV
added 2022/03/01 1:25 a.m.17 views

CVE-2022-25018

Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...

8.8CVSS8.2AI score0.02516EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2022/03/01 1:25 a.m.51 views

CVE-2022-25018

Removed by vendor...

8.8CVSS8.8AI score0.02516EPSS
Exploits1
NVD
NVD
added 2022/02/15 4:15 p.m.32 views

CVE-2022-24587

A stored cross-site scripting XSS vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS0.00744EPSS
Exploits1References2
Prion
Prion
added 2022/02/15 4:15 p.m.19 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML...

3.5CVSS5.3AI score0.00744EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2022/02/15 4:15 p.m.44 views

CVE-2022-24585

A stored cross-site scripting XSS vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter...

5.4CVSS6AI score0.00753EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2022/02/15 4:15 p.m.40 views

CVE-2022-24587

A stored cross-site scripting XSS vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS6AI score0.00744EPSS
Exploits1References3
Prion
Prion
added 2022/02/15 4:15 p.m.11 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter...

3.5CVSS5.2AI score0.00753EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/02/15 3:40 p.m.93 views

CVE-2022-24587

CVE-2022-24587 describes a stored XSS in PluXml v5.8.7, specifically in the component core/admin/medias.php , allowing attackers to run arbitrary web scripts or HTML. The description and connected records confirm the vulnerability and its target file, but none of the provided documents supply det...

5.4CVSS5.3AI score0.00744EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/02/15 3:40 p.m.33 views

CVE-2022-24587

A stored cross-site scripting XSS vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML...

5.5AI score0.00744EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2022/02/15 3:40 p.m.75 views

CVE-2022-24587

Removed by vendor...

5.4CVSS5.5AI score0.00744EPSS
Exploits1
Rows per page
Query Builder