8 matches found

Packet Storm
added 2021/01/05 12:0 a.m. | 660 views

Incom CMS 2.0 File Upload

Exploit Title: IncomCMS 2.0 - Insecure File Upload Google Dork: intext:"Incom CMS 2.0" Date: 07.12.2020 Exploit Author: MoeAlBarbari Vendor Homepage: https://www.incomcms.com/ Version: 2.0 Tested on: BackBox linux CVE: CVE-2020-29597 Upload your files Upload your file...

CVSS 7.5 | AI score 9.7 | EPSS 0.85276
Exploits: 3
NVD
added 2018/07/07 5:29 p.m. | 5 views

CVE-2018-11351

script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting (XSS) vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could...

CVSS 6.1 | AI score 6 | EPSS 0.00259
Exploits: 1 | References: 1
OSV
added 2018/07/07 5:29 p.m. | 7 views

CVE-2018-11351

script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting (XSS) vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could...

CVSS 6.1 | AI score 5.8
Exploits: 0 | References: 1
0day.today
added 2017/09/04 12:0 a.m. | 18 views

FineCMS 1.0 Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: FineCMS 1.0 Multiple Vulnerabilities Dork: N/A Date: 29.08.2017 Vendor Homepage : http://mvc.net.pl/ Software Link: https://github.com/andrzuk/FineCMS Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Explo...

AI score 7.1
Exploits: 0
seebug.org
added 2017/07/13 12:0 a.m. | 19 views

FineCMS multi vulnerability

Reflected XSS in getimage.php. Technical Description: in the file /application/lib/ajax/getimage.php, $_POST['id'], $_POST['name'] and $_GET['folder'] are used without being validated, sanitised or output encoded. Proof of Concept (PoC): http://yourfinecms/application/lib/ajax/getimage.php?folder=1 POST: id=1"alert1&name=...

AI score 7.4
Exploits: 0
Openbugbounty
added 2016/08/22 6:26 p.m. | 11 views

php.su XSS vulnerability

Vulnerable URL: http://www.php.su/phphttp/forms/docs/script.php

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 27.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 18534
VIP website status: | Yes
Check php.su SSL connection: | Grade: F...

AI score 6.3
Exploits: 0
Exploit DB
added 2012/06/13 12:0 a.m. | 19 views

Joomla! Component mod_jfancy - 'script.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/53975/info The jFancy component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary cod...

AI score 7.4
Exploits: 0
Prion
added 2006/04/20 6:6 p.m. | 10 views

Design/Logic Flaw

DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive information via an invalid (1) fcategoryid parameter to topics.php or (2) unavariabile, (3) GLOBALS, or (4) SERVER parameters to script.php. NOTE: this information leak might be resultant from a global variable overwrite issue...

CVSS 5 | AI score 6.7 | EPSS 0.00391
Exploits: 0 | References: 3 | Affected Software: 1