Lucene search
+L

10 matches found

OSV
OSV
added 2025/12/18 8:15 p.m.6 views

CVE-2019-25230

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

4.3CVSS5.6AI score0.00232EPSS
Exploits0References2
CVE
CVE
added 2025/12/18 7:53 p.m.10 views

CVE-2019-25230

Summary: CVE-2019-25230 affects Kentico Xperience with an information disclosure in the Live Site Widget Properties dialog. The vulnerability allows authenticated users to view sensitive system objects, exposing information beyond their access level. According to the connected records, the issue ...

5.3CVSS5.6AI score0.00232EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/18 7:53 p.m.25 views

CVE-2019-25230 Kentico Xperience <= 12.0.0 User Widget Information Disclosure

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

5.3CVSS0.00232EPSS
Exploits0References2
Snyk
Snyk
added 2024/10/01 3:32 p.m.4 views

Cross-site Scripting (XSS)

Overview pagekit/pagekit is a modular and lightweight CMS built with Symfony components and Vue.js. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the index.php/admin/site/widget endpoint. Details Cross-site scripting or XSS is a code vulnerability that occurs wh...

6.1CVSS5.4AI score0.00368EPSS
Exploits1References2
OSV
OSV
added 2024/10/01 3:32 p.m.12 views

GHSA-XW32-6422-FRQM Pagekit Cross-site Scripting vulnerability

Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...

6.1CVSS4.5AI score0.00368EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2024/10/01 3:32 p.m.24 views

Pagekit Cross-site Scripting vulnerability

Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...

4.7CVSS6AI score0.00368EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2024/10/01 3:15 p.m.22 views

CVE-2024-45967

Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...

4.7CVSS0.00368EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/10/01 12:0 a.m.4 views

Pagekit 安全漏洞

Pagekit is a modular, lightweight CMS Content Management System from Pagekit open source. A security vulnerability exists in Pagekit version 1.0.18, which stems from a cross-site scripting vulnerability found in index.php/admin/site/widget...

4.7CVSS6.2AI score0.00368EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/10/01 12:0 a.m.35 views

CVE-2024-45967

Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...

0.00368EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/01 12:0 a.m.17 views

CVE-2024-45967

Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...

6AI score0.00368EPSS
Exploits1References1
Rows per page
Query Builder