Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-9936

Malware in sbrugna...

6.1CVSS6.3AI score0.00905EPSS
Exploits1References3
NVD
NVD
added 2018/10/09 10:29 p.m.12 views

CVE-2018-18198

The $openerinputfield variable in addons/mediapool/pages/index.php in REDAXO 5.6.3 is not effectively filtered and is output directly to the page. The attacker can insert XSS payloads via an index.php?page=mediapool/media&openerinputfield=XSS request...

6.1CVSS6AI score0.00905EPSS
Exploits1References2
OSV
OSV
added 2018/10/09 10:29 p.m.6 views

CVE-2018-18198

The $openerinputfield variable in addons/mediapool/pages/index.php in REDAXO 5.6.3 is not effectively filtered and is output directly to the page. The attacker can insert XSS payloads via an index.php?page=mediapool/media&openerinputfield=XSS request...

6.1CVSS6AI score0.00905EPSS
Exploits1References2
Prion
Prion
added 2018/10/09 10:29 p.m.13 views

Cross site request forgery (csrf)

The $openerinputfield variable in addons/mediapool/pages/index.php in REDAXO 5.6.3 is not effectively filtered and is output directly to the page. The attacker can insert XSS payloads via an index.php?page=mediapool/media&openerinputfield=XSS request...

4.3CVSS5.9AI score0.00905EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/10/09 10:0 p.m.16 views

CVE-2018-18198

The $openerinputfield variable in addons/mediapool/pages/index.php in REDAXO 5.6.3 is not effectively filtered and is output directly to the page. The attacker can insert XSS payloads via an index.php?page=mediapool/media&openerinputfield=XSS request...

6AI score0.00905EPSS
Exploits1References2
CVE
CVE
added 2018/10/09 10:0 p.m.44 views

CVE-2018-18198

The CVE-2018-18198 issue affects REDAXO 5.6.3 via addons/mediapool/pages/index.php where the $opener_input_field is not properly filtered and is echoed to the page. This allows an attacker to inject XSS payloads through a request such as index.php?page=mediapool/media&opener_input_field=[XSS]. Re...

6.1CVSS5.9AI score0.00905EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2018/10/01 8:29 a.m.13 views

CVE-2018-17831

In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rexlist class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users sort parameter. Endangered was the backend and the frontend only if rexlist were used...

9.8CVSS9.9AI score0.02053EPSS
Exploits1References3
Rows per page
Query Builder