CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34 matches found

NVD•added 2025/11/07 3:15 p.m.•3 views

CVE-2025-12859

A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templetsoneedit.php. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used...

7.2CVSS0.00029EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-14203

Malware in sbrugna...

6.5CVSS6.5AI score0.00319EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-24938

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00071EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-35485

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00378EPSS

Exploits1References1

Tenable Nessus•added 2025/09/10 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2020-18184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametresedittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into...

7.2CVSS7.6AI score0.00611EPSS

Exploits1References2

RedhatCVE•added 2025/08/16 7:23 p.m.•6 views

CVE-2025-8975

A vulnerability was identified in givanz Vvveb up to 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public a...

5.4CVSS6.5AI score0.00071EPSS

Exploits1References1

CVE•added 2025/08/14 6:32 p.m.•14 views

CVE-2025-8975

CVE-2025-8975 affects givanz Vvveb up to 1.0.5, where the slug parameter is mishandled in the file admin/template/content/edit.tpl, enabling cross-site scripting. The issue can be exploited remotely and the exploit has been disclosed publicly. A fix is available in version 1.0.6; patch hash: 84c1...

5.4CVSS6.4AI score0.00071EPSS

Exploits1References7Affected Software1

Positive Technologies•added 2025/08/14 12:0 a.m.•4 views

PT-2025-33404 · Unknown · Givanz Vvveb

Name of the Vulnerable Software and Affected Versions: givanz Vvveb versions up to 1.0.5 Description: A vulnerability was identified in givanz Vvveb up to version 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug leads to...

5.4CVSS3.8AI score0.00071EPSS

Exploits1References11

OSV•added 2024/09/13 6:15 p.m.•0 views

CVE-2024-8782

A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue affects the function delete of the file /admin/template/edit. The manipulation of the argument name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the publ...

9.8CVSS5.5AI score0.00115EPSS

Exploits1References5

Positive Technologies•added 2024/09/13 12:0 a.m.•1 views

PT-2024-39248 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS versions up to 1.0 Description: A critical issue affects the delete function of the file /admin/template/edit. The manipulation of the name argument leads to path traversal, allowing an attacker to delete arbitrary files. This issue...

9.8CVSS6.8AI score0.00115EPSS

Exploits1References10

CNNVD•added 2024/08/29 12:0 a.m.•1 views

Jpress 路径遍历漏洞

Jpress is a blogging platform developed by Jpress team using Java language. A path traversal vulnerability exists in Jpress version 5.1.1 and earlier versions, which stems from a path traversal vulnerability in /admin/template/edit...

5.8CVSS5AI score0.00184EPSS

Exploits1References5

Positive Technologies•added 2024/08/29 12:0 a.m.•1 views

PT-2024-38929 · Jpress · Jpress

Name of the Vulnerable Software and Affected Versions: jpress versions up to 5.1.1 Description: A critical vulnerability has been found in the Template Module Handler component of jpress, affecting an unknown functionality of the file /admin/template/edit. The manipulation leads to path traversal...

5.8CVSS5.1AI score0.00184EPSS

Exploits1References11

CNNVD•added 2023/07/01 12:0 a.m.•1 views

WordPress Plugin Contact Form 7 Style 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS5AI score0.00142EPSS

Exploits1References10

CNNVD•added 2023/01/27 12:0 a.m.•2 views

AyaCMS 安全漏洞

AyaCMS is an extremely simple and free open source PHP website builder. A security vulnerability exists in AyaCMS version v3.1.2, which stems from its /admin/tpledit.inc.php component that allows an attacker to achieve remote code execution...

7.2CVSS7.5AI score0.04249EPSS

Exploits1References2

CNNVD•added 2022/12/06 12:0 a.m.•1 views

FastCMS 代码注入漏洞

FastCMS is a content management system from FastCMS, Inc. FastCMS has a security vulnerability that originates from some unknown handling of the file /template/edit of the component template handler, which is manipulated to cause an injection...

8.8CVSS7.7AI score0.00476EPSS

Exploits1References4

OSV•added 2022/07/01 10:15 p.m.•0 views

CVE-2022-32412

An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell...

7.2CVSS5.8AI score0.00378EPSS

Exploits1References1

NVD•added 2022/07/01 10:15 p.m.•11 views

CVE-2022-32412

An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell...

7.2CVSS0.00378EPSS

Exploits1References1