9 matches found

RedhatCVE
added 2026/06/03 10:1 p.m. | 13 views

CVE-2026-10608

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

CVSS 7.5 | AI score 6.9 | EPSS 0.00308
Exploits: 0 | References: 1
NVD
added 2026/06/02 8:16 p.m. | 10 views

CVE-2026-10608

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

CVSS 7.5 | EPSS 0.00308
Exploits: 0 | References: 4
CVE
added 2026/06/02 6:0 p.m. | 14 views

CVE-2026-10608

This CVE affects DedeCMS 5.7.88 and the vulnerable component is the function RemoveXSS in the file /plus/carbuyaction.php. The root cause is described as manipulation of the arguments postname/des leading to an SQL injection vulnerability. The impact is described as enabling remote exploitation ...

CVSS 7.5 | AI score 6.9 | EPSS 0.00308
Exploits: 0 | References: 4
EUVD
added 2026/06/02 6:0 p.m. | 11 views

EUVD-2026-33997

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

CVSS 7.5 | AI score 6.9 | EPSS 0.00308
Exploits: 0 | References: 4
ATTACKERKB
added 2026/06/02 6:0 p.m. | 6 views

CVE-2026-10608

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

CVSS 7.5 | AI score 6.9 | EPSS 0.00308
Exploits: 0 | References: 5
Vulnrichment
added 2026/06/02 6:0 p.m. | 7 views

CVE-2026-10608 DedeCMS carbuyaction.php RemoveXSS sql injection

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

CVSS 7.5 | AI score 5.7 | EPSS 0.00308
Exploits: 0 | References: 4
Positive Technologies
added 2026/06/02 12:0 a.m. | 10 views

PT-2026-45819

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.88. Description: A security flaw exists in the RemoveXSS function within the '/plus/carbuyaction.php' file. Remote attackers can perform SQL injection, which is a technique used to manipulate a database by inserting malicious...

CVSS 7.5 | AI score 7.4 | EPSS 0.00308
Exploits: 0 | References: 6
OSV
added 2025/06/30 6:15 a.m. | 6 views

CVE-2025-6889

A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /logIn.php. The manipulation of the argument postName leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVSS 9.8 | AI score 5.8 | EPSS 0.00399
Exploits: 1 | References: 5
seebug.org
added 2007/03/12 12:0 a.m. | 18 views

News Bin Pro 4.32 Article Grabbing Remote Unicode BoF Exploit

No description provided by source. / News Bin Pro 4.32 Article Grabbing Remote Unicode Buffer Overflow There is remote buffer overflow in News Bin Pro 4.32 that can be triggered by grabbing articles that contain an overly long file name. To exploit, convince someone to set his newsgroup server to...

AI score 7.1
Exploits: 0