Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-10823

Malware in sbrugna...

6.5CVSS6.6AI score0.0122EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-10805

Malware in sbrugna...

5.4CVSS5.5AI score0.00667EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-10806

Malware in sbrugna...

5.4CVSS5.5AI score0.00667EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-10804

Malware in sbrugna...

5.4CVSS5.5AI score0.00667EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/08/12 12:29 p.m.7 views

CVE-2025-8807

A vulnerability was found in xujeff tianti 天梯 up to 2.3. It has been declared as critical. This vulnerability affects unknown code of the file /tianti-module-admin/user/ajax/save. The manipulation leads to missing authorization. The attack can be initiated remotely. The exploit has been disclosed...

8.8CVSS7.2AI score0.00369EPSS
Exploits1References1
Prion
Prion
added 2018/11/08 8:29 a.m.17 views

Code injection

tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column...

6.5CVSS8.2AI score0.01771EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/08 8:29 a.m.12 views

CVE-2018-19110

The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization chec...

6.5CVSS6.2AI score0.0122EPSS
Exploits1References1
NVD
NVD
added 2018/11/08 8:29 a.m.18 views

CVE-2018-19109

tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column...

8.8CVSS8.3AI score0.01771EPSS
Exploits1References1
OSV
OSV
added 2018/11/08 8:29 a.m.17 views

CVE-2018-19109

tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column...

8.8CVSS6.4AI score
Exploits0References1
OSV
OSV
added 2018/11/08 8:29 a.m.15 views

CVE-2018-19110

The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization chec...

6.5CVSS6.5AI score
Exploits0References1
Cvelist
Cvelist
added 2018/11/08 8:0 a.m.19 views

CVE-2018-19109

tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column...

8.3AI score0.01771EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/08 8:0 a.m.18 views

CVE-2018-19110

The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization chec...

6.2AI score0.0122EPSS
Exploits1References1
NVD
NVD
added 2018/11/07 7:29 p.m.12 views

CVE-2018-19090

tianti 2.3 has stored XSS in the article management module via an article title...

5.4CVSS5.3AI score0.00667EPSS
Exploits1References1
NVD
NVD
added 2018/11/07 7:29 p.m.14 views

CVE-2018-19089

tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/saverole name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\userlist.jsp...

5.4CVSS5.3AI score0.00667EPSS
Exploits1References1
Prion
Prion
added 2018/11/07 7:29 p.m.12 views

Cross site scripting

tianti 2.3 has stored XSS in the article management module via an article title...

3.5CVSS5.2AI score0.00667EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/07 7:29 p.m.15 views

CVE-2018-19091

tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter...

5.4CVSS5.3AI score0.00667EPSS
Exploits1References1
Prion
Prion
added 2018/11/07 7:29 p.m.12 views

Cross site scripting

tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter...

3.5CVSS5.2AI score0.00667EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/11/07 7:29 p.m.11 views

CVE-2018-19091

tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter...

5.4CVSS6AI score
Exploits0References1
Prion
Prion
added 2018/11/07 7:29 p.m.13 views

Cross site scripting

tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/saverole name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\userlist.jsp...

3.5CVSS5.2AI score0.00667EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/11/07 7:29 p.m.10 views

CVE-2018-19089

tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/saverole name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\userlist.jsp...

5.4CVSS5.8AI score0.00667EPSS
Exploits1References1
Rows per page
Query Builder