Lucene search
+L

49 matches found

OSV
OSV
added 2021/07/30 2:15 p.m.6 views

CVE-2020-20700

A stored cross site scripting XSS vulnerability in /app/formadd/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Title Entry text box...

4.8CVSS5.6AI score0.00579EPSS
Exploits1References1
NVD
NVD
added 2021/07/30 2:15 p.m.31 views

CVE-2020-20701

A stored cross site scripting XSS vulnerability in /app/config/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

4.8CVSS0.00579EPSS
Exploits1References1
Prion
Prion
added 2021/07/30 2:15 p.m.25 views

Cross site scripting

A stored cross site scripting XSS vulnerability in /app/formadd/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Title Entry text box...

3.5CVSS5AI score0.00579EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/07/30 2:15 p.m.28 views

Cross site scripting

A cross site scripting XSS vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings...

3.5CVSS5.1AI score0.00527EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/07/30 2:15 p.m.22 views

Cross site scripting

A stored cross site scripting XSS vulnerability in /app/config/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

3.5CVSS5AI score0.00579EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/07/30 2:15 p.m.27 views

Remote code execution

A remote code execution RCE vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file...

6.5CVSS7.4AI score0.0195EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/27 10:19 p.m.36 views

CVE-2020-20701

A stored cross site scripting XSS vulnerability in /app/config/of S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.1AI score0.00579EPSS
Exploits1References1
CVE
CVE
added 2021/07/27 10:19 p.m.64 views

CVE-2020-20701

CVE-2020-20701 documents a stored cross-site scripting (XSS) vulnerability in the S-CMS product, specifically affecting S-CMS PHP v3.0 . The issue allows an attacker to inject and store a crafted payload that, when viewed by a user, can cause arbitrary web scripts or HTML to be executed in the co...

4.8CVSS5AI score0.00579EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/07/27 10:19 p.m.60 views

CVE-2020-20700

CVE-2020-20700 describes a stored cross-site scripting (XSS) vulnerability in /app/form_add/ of S-CMS PHP v3.0. The issue arises from a crafted payload entered into the Title Entry text box, enabling execution of arbitrary web scripts/HTML. Affected software: S-CMS PHP v3.0; vulnerable component:...

4.8CVSS5AI score0.00579EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/27 10:19 p.m.25 views

CVE-2020-20699

A cross site scripting XSS vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings...

5.1AI score0.00527EPSS
Exploits1References1
CVE
CVE
added 2021/07/27 10:19 p.m.61 views

CVE-2020-20699

S-CMS PHP v3.0 has a cross-site scripting (XSS) vulnerability exploitable via the Copyright field in Basic Settings, allowing arbitrary web scripts/HTML execution. The vulnerability is consistently described across NVD/Red Hat/CNNVD/CNVD feeds as CVE-2020-20699, with no connected document providi...

4.8CVSS5.1AI score0.00527EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/27 10:19 p.m.30 views

CVE-2020-20698

A remote code execution RCE vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file...

7.4AI score0.0195EPSS
Exploits1References1
NVD
NVD
added 2019/04/02 7:29 p.m.24 views

CVE-2019-10708

S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter...

9.8CVSS10AI score0.02638EPSS
Exploits2References1
Prion
Prion
added 2019/04/02 7:29 p.m.20 views

Sql injection

S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter...

7.5CVSS9.9AI score0.02638EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2019/04/02 6:51 p.m.27 views

CVE-2019-10708

S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter...

10AI score0.02638EPSS
Exploits2References1
CVE
CVE
added 2019/04/02 6:51 p.m.52 views

CVE-2019-10708

CVE-2019-10708 affects S-CMS PHP v1.0. The vulnerability is a SQL injection in the parameter 4/js/scms.php?action=unlike, due to insufficient input validation, allowing an attacker to inject SQL statements. The NVD/NVD-derived metrics indicate high/critical risk (CVSS v2: 7.5; CVSS v3: 9.8). Publ...

9.8CVSS9.9AI score0.02638EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2019/03/27 6:29 p.m.24 views

Cross site request forgery (csrf)

S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040...

6.8CVSS8.7AI score0.00614EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/03/27 5:45 p.m.55 views

CVE-2019-10237

CVE-2019-10237 affects S-CMS PHP v1.0 and is a CSRF vulnerability that allows adding a new admin user via the URI 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0. The issue is linked to CVE-2019-9040 and reiterates a cross-site request forgery risk in the admin creation flow. Connected Red ...

8.8CVSS8.7AI score0.00614EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/03/22 8:29 a.m.24 views

Design/Logic Flaw

S-CMS PHP v1.0 has XSS in 4.edu.php via the Sid parameter...

4.3CVSS6AI score0.00826EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/03/22 8:29 a.m.15 views

CVE-2019-9925

S-CMS PHP v1.0 has XSS in 4.edu.php via the Sid parameter...

6.1CVSS6.1AI score0.00826EPSS
Exploits1References1
Rows per page
Query Builder