CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-8818

Malware in sbrugna...

9.8CVSS9.5AI score0.0025EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-9075

Malware in sbrugna...

6.1CVSS6.3AI score0.0024EPSS

Exploits0References2

Prion•added 2019/03/07 11:29 p.m.•16 views

Cross site request forgery (csrf)

An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request...

4.3CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/03/07 10:0 p.m.•19 views

CVE-2018-16804

An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request...

6AI score0.0024EPSS

Exploits1References1

OSV•added 2018/09/21 6:29 p.m.•3 views

CVE-2018-17320

An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via the sadmin/aindex.php minfo parameter in a sadminaaddpost action...

6.1CVSS5.8AI score0.0024EPSS

Exploits0References1

NVD•added 2018/09/21 6:29 p.m.•12 views

CVE-2018-17320

An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via the sadmin/aindex.php minfo parameter in a sadminaaddpost action...

6.1CVSS6AI score0.0024EPSS

Exploits0References1

Cvelist•added 2018/09/21 6:0 p.m.•16 views

CVE-2018-17320

An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via the sadmin/aindex.php minfo parameter in a sadminaaddpost action...

6AI score0.0024EPSS

Exploits0References1

Prion•added 2018/09/14 7:29 a.m.•20 views

Sql injection

UCMS 1.4.6 has SQL injection during installation via the install/index.php mysqldbname parameter...

7.5CVSS9.8AI score0.0025EPSS

Exploits1References1Affected Software1

OSV•added 2018/09/14 7:29 a.m.•2 views

CVE-2018-17036

An issue was discovered in UCMS 1.4.6 and 1.6. It allows PHP code injection during installation via the systemdomain parameter to install/index.php, as demonstrated by injecting a phpinfo call into /inc/config.php...

9.8CVSS5.8AI score0.00486EPSS

Exploits1References1

NVD•added 2018/09/14 7:29 a.m.•15 views

CVE-2018-17035

UCMS 1.4.6 has SQL injection during installation via the install/index.php mysqldbname parameter...

9.8CVSS9.9AI score0.0025EPSS

Exploits1References1

NVD•added 2018/09/14 7:29 a.m.•17 views

CVE-2018-17034

UCMS 1.4.6 has XSS via the install/index.php mysqldbname parameter...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References1

Prion•added 2018/09/14 7:29 a.m.•13 views

Code injection

UCMS 1.4.6 has XSS via the install/index.php mysqldbname parameter...

4.3CVSS6AI score0.0024EPSS

Exploits1References1Affected Software1

Prion•added 2018/09/14 7:29 a.m.•10 views

Design/Logic Flaw

user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3...

6.5CVSS8.7AI score0.00357EPSS

Exploits1References1Affected Software1

Cvelist•added 2018/09/14 7:0 a.m.•16 views

CVE-2018-17035

UCMS 1.4.6 has SQL injection during installation via the install/index.php mysqldbname parameter...

10AI score0.0025EPSS

Exploits1References1

Cvelist•added 2018/09/14 7:0 a.m.•14 views

CVE-2018-17036

9.7AI score0.00486EPSS

Exploits1References1

Cvelist•added 2018/09/14 7:0 a.m.•19 views

CVE-2018-17034

UCMS 1.4.6 has XSS via the install/index.php mysqldbname parameter...

6.1AI score0.0024EPSS

Exploits1References1

Cvelist•added 2018/09/14 7:0 a.m.•13 views

CVE-2018-17037

user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3...

8.8AI score0.00357EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by