11 matches found
CVE-2024-13807 Xagio SEO <= 7.1.0.5 - Unauthenticated Sensitive Information Exposure via Unprotected Back-Up Files
The Xagio SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.1.0.5 via the backup functionality due to weak filename structure and lack of protection in the directory. This makes it possible for unauthenticated attackers to extract...
CVE-2024-7501
CVE-2024-7501 affects the WordPress plugin Download Plugins and Themes in ZIP from Dashboard. The vulnerability is CSRF due to missing/incorrect nonce validation in download_theme(), enabling unauthenticated attackers to cause a forged request to download arbitrary themes. Impact details from con...
Input validation
LibreHealth EHR Base 2.0.0 allows incorrect interface/super/managesitefiles.php access...
GHSA-3GQ5-R59M-MMV2 Kirby XSS Vulnerability
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file...
Kirby XSS Vulnerability
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file...
CVE-2020-36006
AppCMS 2.0.101 in /admin/info.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site...
CVE-2018-16630
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file...
CVE-2018-16630
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file...
HuCart fi***.li***.php file has an arbitrary file deletion vulnerability
HuCart is an open source enterprise building system. An arbitrary file deletion vulnerability exists in the HuCart fi.li.php file; attackers can exploit the vulnerability to delete any file site...
File Read Vulnerability in ZTE Color Ring Business System
ZTE's ringtone system inherits the stable system architecture of the mobile smart network, follows the latest specifications of operators, and provides flexible interfaces and rich new service functions. A file read vulnerability exists in the ZTE Color Ring service system, which can be exploited...
CMS S.Builder <= 3.7 Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications. CMS S.Builder <= 3.7 Remote File Inclusion Vulnerability. CMS S.Builder <= 3.7 RFI Vulnerability Information: Vendor:...