CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2026/01/09 11:59 a.m.•5 views

CVE-2018-19898

ThinkCMF X2.2.2 has SQL Injection via the method editpost in ArticleController.class.php and is exploitable by normal authenticated users via the postid1 parameter in an article editpost action...

8.8CVSS8.1AI score0.0034EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:59 a.m.•4 views

CVE-2018-19894

ThinkCMF X2.2.2 has SQL Injection via the functions check and delete in CommentadminController.class.php and is exploitable with the manager privilege via the ids parameter in a commentadmin action...

7.2CVSS8.3AI score0.00277EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 6:45 a.m.•3 views

CVE-2018-19895

ThinkCMF X2.2.2 has SQL Injection via the function editpost in NavController.class.php and is exploitable with the manager privilege via the parentid parameter in a nav action...

7.2CVSS8.3AI score0.00277EPSS

Exploits1References1

OSV•added 2021/12/22 11:15 p.m.•19 views

CVE-2020-20601

An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted packet...

9.8CVSS7.7AI score

Exploits0References1

Cvelist•added 2021/12/22 10:43 p.m.•12 views

CVE-2020-20601

An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted packet...

9.6AI score0.57706EPSS

Exploits1References1

Prion•added 2018/12/06 4:29 a.m.•10 views

Sql injection

ThinkCMF X2.2.2 has SQL Injection via the function delete in SlideController.class.php and is exploitable with the manager privilege via the ids parameter in a slide action...

6.5CVSS7.5AI score0.00277EPSS

Exploits1References1Affected Software1

Prion•added 2018/12/06 4:29 a.m.•12 views

Sql injection

ThinkCMF X2.2.2 has SQL Injection via the method editpost in ArticleController.class.php and is exploitable by normal authenticated users via the postid1 parameter in an article editpost action...

6.5CVSS9AI score0.0034EPSS

Exploits1References1Affected Software1

NVD•added 2018/12/06 4:29 a.m.•16 views

CVE-2018-19898

ThinkCMF X2.2.2 has SQL Injection via the method editpost in ArticleController.class.php and is exploitable by normal authenticated users via the postid1 parameter in an article editpost action...

8.8CVSS9.1AI score0.0034EPSS

Exploits1References1

OSV•added 2018/12/06 4:29 a.m.•14 views

CVE-2018-19895

ThinkCMF X2.2.2 has SQL Injection via the function editpost in NavController.class.php and is exploitable with the manager privilege via the parentid parameter in a nav action...

7.2CVSS8.2AI score

Exploits0References1

OSV•added 2018/12/06 4:29 a.m.•14 views

CVE-2018-19898

ThinkCMF X2.2.2 has SQL Injection via the method editpost in ArticleController.class.php and is exploitable by normal authenticated users via the postid1 parameter in an article editpost action...

8.8CVSS8AI score

Exploits0References1

NVD•added 2018/12/06 4:29 a.m.•11 views

CVE-2018-19897

ThinkCMF X2.2.2 has SQL Injection via the function listorders in AdminbaseController.class.php and is exploitable with the manager privilege via the listorderskey1 parameter in a Link listorders action...

7.2CVSS7.5AI score0.00277EPSS

Exploits1References1

Cvelist•added 2018/12/06 4:0 a.m.•15 views

CVE-2018-19898

ThinkCMF X2.2.2 has SQL Injection via the method editpost in ArticleController.class.php and is exploitable by normal authenticated users via the postid1 parameter in an article editpost action...

9.1AI score0.0034EPSS

Exploits1References1

Cvelist•added 2018/12/06 4:0 a.m.•18 views

CVE-2018-19894

7.6AI score0.00277EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by