Lucene search
+L

76 matches found

nuclei
nuclei
added yesterday45 views

u5cms v8.3.5 - Open Redirect

u5cms version 8.3.5 contains a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php. id: CVE-2022-32444 info: name: u5cms v8.3.5 - Open Redirect author: 0xAkoko severity: medium description: | u5cms version 8.3.5 contains a URL...

6.1CVSS6.3AI score0.02246EPSS
Exploits1References4
nvd
nvd
added 2026/07/02 12:16 p.m.6 views

CVE-2026-14449

u5CMS through v12.8.8 is vulnerable to reflected XSS via the ‘thanks’ parameter in multiple form components...

6.4CVSS0.00269EPSS
Exploits0References1
cve
cve
added 2026/07/02 11:47 a.m.16 views

CVE-2026-14449

CVE-2026-14449 affects u5CMS up to v12.8.8 and is a reflected XSS via the ‘thanks’ parameter in multiple form components. The issue is described as a reflected XSS with a CVSS v4.0 base score of 6.4 (Medium) with network attack vector, no privileges required, and user interaction required. The un...

6.4CVSS5.8AI score0.00269EPSS
Exploits0References1
osv
osv
added 2026/07/02 11:47 a.m.3 views

CVE-2026-14449 POST-based reflected XSS via the thanks parameter in form components

u5CMS through v12.8.8 is vulnerable to reflected XSS via the ‘thanks’ parameter in multiple form components...

6.4CVSS5.9AI score0.00269EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.11 views

EUVD-2015-1707

Malware in sbrugna...

4.3CVSS6.4AI score0.03284EPSS
Exploits2References4
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2015-1710

Malware in sbrugna...

5.8CVSS6.4AI score0.06559EPSS
Exploits2References3
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-1708

Malware in sbrugna...

7.5CVSS6.4AI score0.02125EPSS
Exploits2References3
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-37839

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00616EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-35514

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00743EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-35516

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.02246EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 11:6 p.m.9 views

CVE-2022-34937

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

8.8CVSS8.1AI score0.00616EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 10:57 p.m.13 views

CVE-2022-32442

u5cms version 8.3.5 is vulnerable to Cross Site Scripting XSS. When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl 96502%27bad=", it can cause html injection...

6.1CVSS6.4AI score0.00743EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 10:57 p.m.8 views

CVE-2022-32444

An issue was discovered in u5cms verion 8.3.5 There is a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php...

6.1CVSS6.6AI score0.02246EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 9:37 a.m.17 views

CVE-2015-1576

Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to 1 copy2.php, 2 localize.php, 3 metai.php, 4 nc.php, 5 new2.php, or 6 rename2.php in u5admin/; 7 c parameter to u5admin/editor.php; 8 typ parameter to...

7.5CVSS8.9AI score0.02125EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 9:35 a.m.14 views

CVE-2015-1575

Multiple cross-site scripting XSS vulnerabilities in u5CMS before 3.9.4 allow remote attackers to inject arbitrary web script or HTML via the 1 c, 2 i, 3 l, or 4 p parameter to index.php; the 5 a or 6 b parameter to u5admin/cookie.php; the name parameter to 7 copy.php or 8 delete.php in u5admin/;...

4.3CVSS5.9AI score0.03284EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 6:38 a.m.18 views

CVE-2015-1577

Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a 1 .. dot dot or 2 full pathname in the f parameter...

6.4CVSS7.1AI score0.07268EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 3:4 a.m.13 views

CVE-2015-1578

Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the 1 pidvesa cookie to u5admin/pidvesa.php or 2 uri parameter to u5admin/meta2.php...

5.8CVSS7.2AI score0.06559EPSS
Exploits2References1
attackerkb
attackerkb
added 2022/08/03 1:15 a.m.1 views

CVE-2022-34937

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

8.8CVSS6.1AI score0.00616EPSS
Exploits1References2
nvd
nvd
added 2022/08/03 1:15 a.m.27 views

CVE-2022-34937

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

8.8CVSS0.00616EPSS
Exploits1References1
prion
prion
added 2022/08/03 1:15 a.m.24 views

Cross site request forgery (csrf)

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

6.8CVSS9AI score0.00616EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder