CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

OSV•added 2020/11/30 2:15 p.m.•2 views

CVE-2020-28978

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF...

5.3CVSS6.1AI score0.10409EPSS

Exploits3References5

OSV•added 2019/01/16 4:29 p.m.•2 views

DEBIAN-CVE-2018-20726

A cross-site scripting XSS vulnerability exists in host.php via tree.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices...

5.4CVSS5.9AI score0.0051EPSS

Exploits1References1

OSV•added 2017/07/17 1:18 p.m.•1 views

UBUNTU-CVE-2017-1000032

Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...

6.1CVSS6.9AI score0.00196EPSS

Exploits0References3

OSV•added 2016/04/12 4:59 p.m.•0 views

UBUNTU-CVE-2016-3172

SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parentid parameter in an itemedit action...

8.8CVSS7.7AI score0.00587EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by