CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-1894

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00458EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-5962

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00472EPSS

Exploits0References5

RedhatCVE•added 2025/05/22 9:21 p.m.•3 views

CVE-2021-41750

A cross-site scripting XSS vulnerability in the SEOmatic plugin 3.4.10 for Craft CMS 3 allows remote attackers to inject arbitrary web script via a GET to /index.php?action=seomatic/file/seo-file-link with url parameter containing the base64 encoded URL of a malicious web page / file and fileName...

6.1CVSS5.8AI score0.00472EPSS

Exploits0

RedhatCVE•added 2025/05/22 5:51 p.m.•2 views

CVE-2020-12790

In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMeta.php does not properly sanitize the URL. This leads to Server-Side Template Injection and credentials disclosure via a crafted Twig template after a semicolon...

7.5CVSS7AI score0.00458EPSS

Exploits1

OSV•added 2022/06/13 12:0 a.m.•19 views

GHSA-6HJC-M38H-7JHH Cross-site Scripting in SEOmatic plugin

6.1CVSS5.9AI score0.00472EPSS

Exploits0References5

Github Security Blog•added 2022/06/13 12:0 a.m.•31 views

Cross-site Scripting in SEOmatic plugin

6.1CVSS3.8AI score0.00472EPSS

Exploits0References5Affected Software1

OSV•added 2022/06/12 12:15 p.m.•12 views

CVE-2021-41750

6.1CVSS6AI score

Exploits0References3

NVD•added 2022/06/12 12:15 p.m.•6 views

CVE-2021-41750

6.1CVSS0.00472EPSS

Exploits0References3

Prion•added 2022/06/12 12:15 p.m.•9 views

Cross site scripting

4.3CVSS5.9AI score0.00472EPSS

Exploits0References3Affected Software1

Cvelist•added 2022/06/12 11:29 a.m.•11 views

CVE-2021-41750

6.1AI score0.00472EPSS

Exploits0References3

NVD•added 2022/06/12 11:15 a.m.•12 views

CVE-2021-41749

In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution...

9.8CVSS0.85815EPSS

Exploits0References2

Prion•added 2022/06/12 11:15 a.m.•14 views

Remote code execution

In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution...

7.5CVSS9.8AI score0.85815EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/06/12 11:0 a.m.•14 views

CVE-2021-41749

In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution...

10AI score0.85815EPSS

Exploits0References2

CVE•added 2022/06/12 11:0 a.m.•128 views

CVE-2021-41749

The CVE-2021-41749 entry affects the SEOmatic plugin for Craft CMS 3 up to version 3.4.11. The Nuclei template documents an unauthenticated Server-Side Template Injection (SSTI) vulnerability that allows an attacker to execute arbitrary Twig templates and system commands via the X-Forwarded-Host ...

9.8CVSS9.8AI score0.85815EPSS

Exploits0References2Affected Software1

Prion•added 2020/05/11 7:15 p.m.•7 views

Design/Logic Flaw

5CVSS7.5AI score0.00458EPSS

Exploits1References4Affected Software1

Cvelist•added 2020/05/11 6:8 p.m.•9 views

CVE-2020-12790

7.5AI score0.00458EPSS

Exploits1References4

NVD•added 2018/08/06 8:29 p.m.•11 views

CVE-2018-14716

A Server Side Template Injection SSTI was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code...

7.5CVSS7.7AI score0.60612EPSS

Exploits3References6

OSV•added 2018/08/06 8:29 p.m.•13 views

CVE-2018-14716

7.5CVSS7.2AI score

Exploits0References6

Prion•added 2018/08/06 8:29 p.m.•17 views

Code injection

5CVSS7.8AI score0.60612EPSS

Exploits3References6Affected Software1

Cvelist•added 2018/08/06 8:0 p.m.•14 views

CVE-2018-14716