Lucene search
K

8 matches found

NVD
NVD
added 2026/02/01 1:15 p.m.5 views

CVE-2021-47856

Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content...

6.4CVSS0.00305EPSS
Exploits0References3
CVE
CVE
added 2025/08/26 12:2 a.m.18 views

CVE-2025-9431

The CVE-2025-9431 entry concerns mtons mblog up to version 3.5.0. The vulnerability affects the /search function, where manipulation of the kw argument enables cross-site scripting. The issue can be exploited remotely, and exploits have been published. Public sources in the connected documents (e...

6.1CVSS4.4AI score0.00334EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.5 views

Code-Projects Responsive Blog 代码注入漏洞

Code-Projects Responsive Blog is an open source responsive blog by Code-Projects. A code injection vulnerability exists in Code-Projects Responsive Blog version 1.0, which stems from cross-site scripting due to incorrect manipulation of the parameter keyword in the file /search.php...

5.4CVSS4.8AI score0.00286EPSS
Exploits1References6
OSV
OSV
added 2023/08/03 5:15 p.m.2 views

CVE-2023-36213

SQL injection vulnerability in MotoCMS v.3.4.3 allows a remote attacker to gain privileges via the keyword parameter of the search function...

9.8CVSS5.9AI score0.01091EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.4 views

MotoCMS SQL注入漏洞

MotoCMS is a simple website builder from MotoCMS. MotoCMS version v3.4.3 suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. The vulnerability can be exploited by an attacker to gain privileges via the keyword...

9.8CVSS8.4AI score0.01091EPSS
Exploits1References3
CNVD
CNVD
added 2018/12/29 12:0 a.m.2 views

WUZHI CMS SQL Injection Vulnerability (CNVD-2019-03304)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in the coreframe/app/coupon/admin/copyfrom.php file in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerabili...

9.8CVSS10AI score0.01537EPSS
Exploits1References1
OSV
OSV
added 2018/09/03 12:29 a.m.3 views

CVE-2018-16372

The issue was discovered in IdeaCMS through 2016-04-30. There is reflected XSS via the index.php?c=content&a=search kw parameter. NOTE: this product is discontinued...

6.1CVSS5.8AI score0.00655EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/31 12:0 a.m.2 views

SQL Injection Vulnerability in Zhimei Cloud Management System of Henan Qingfeng Network Technology Co.

Zhimei cloud management system is a set of station management system developed by Henan Qingfeng Network Technology Co. There is a SQL injection vulnerability in the Zhimei Cloud Management System of Henan Qingfeng Network Technology Co. The vulnerability is due to the product/sousuo?key= paramet...

7.9AI score
Exploits0
Rows per page
Query Builder