CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-13415

Malware in sbrugna...

5.4CVSS5.5AI score0.00221EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 3:33 a.m.•5 views

CVE-2018-20877

cPanel before 74.0.8 allows self XSS in WHM Style Upload interface SEC-437...

5.4CVSS6.1AI score0.00221EPSS

Exploits0References1

PyPA•added 2023/02/27 9:15 p.m.•4 views

PYSEC-2023-15

GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. GeoNode is vulnerable to an XML External Entity XXE injection in the style upload functionality of GeoServer leading to Arbitrary File Read. This issue has been patched in version...

6.5CVSS7.6AI score0.00234EPSS

Exploits1References3Affected Software1

Prion•added 2023/02/27 9:15 p.m.•8 views

Xxe

4CVSS6.6AI score0.00234EPSS

Exploits1References2Affected Software1

CVE•added 2023/02/27 8:37 p.m.•110 views

CVE-2023-26043

CVE-2023-26043 is an XXE injection in GeoNode’s GeoServer style upload pathway that can lead to an authenticated Arbitrary File Read. The vulnerability stems from the server-side parsing of user-supplied SLD files (style uploads) without proper entity resolution, enabling an attacker to read file...

6.5CVSS6.6AI score0.00234EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2023/02/27 12:0 a.m.•2 views

PT-2023-20446 · Geoserver +1 · Geoserver +1

Name of the Vulnerable Software and Affected Versions: GeoNode versions prior to 4.0.3 Description: GeoNode is vulnerable to an XML External Entity XXE injection in the style upload functionality of GeoServer, leading to Arbitrary File Read. The issue arises from the dataset style upload view,...

7.1CVSS7.3AI score0.00234EPSS

Exploits1References11

Prion•added 2019/08/02 1:15 p.m.•10 views

Sql injection

cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload SEC-314...

9CVSS7.5AI score0.016EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/08/02 12:30 p.m.•11 views

CVE-2017-18387

cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload SEC-314...

7.5AI score0.016EPSS

Exploits0References1

CVE•added 2019/08/02 12:30 p.m.•48 views

CVE-2017-18387

Affected software: cPanel prior to 68.0.15. The vulnerability is an arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314). Root cause: Maketext injection allows code execution, enabling an attacker to run arbitrary code with high integrity/availability impact. Explo...

9CVSS7.5AI score0.016EPSS

Exploits0References2Affected Software1

NVD•added 2019/08/01 1:15 p.m.•9 views

CVE-2018-20877

cPanel before 74.0.8 allows self XSS in WHM Style Upload interface SEC-437...

5.4CVSS5.3AI score0.00221EPSS

Exploits0References1

OSV•added 2019/08/01 1:15 p.m.•1 views

CVE-2018-20877

cPanel before 74.0.8 allows self XSS in WHM Style Upload interface SEC-437...

5.4CVSS5.8AI score0.00221EPSS

Exploits0References1

Prion•added 2019/08/01 1:15 p.m.•10 views

Design/Logic Flaw

cPanel before 74.0.8 allows self XSS in WHM Style Upload interface SEC-437...

3.5CVSS5.2AI score0.00221EPSS

Exploits0References1Affected Software1

CVE•added 2019/08/01 12:44 p.m.•44 views

CVE-2018-20877

CVE-2018-20877 affects cPanel prior to 74.0.8, where the WHM Style Upload interface is vulnerable to self-XSS. The underlying issue is rooted in client-side data handling that allows arbitrary script execution within the UI. Exploitation details are not provided in the supplied documents beyond t...

5.4CVSS5.2AI score0.00221EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by