CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/05/22 6:33 a.m.•4 views

CVE-2018-13865

An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References1

OSV•added 2018/09/14 7:29 a.m.•1 views

CVE-2018-17049

CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action...

6.1CVSS5.8AI score0.0028EPSS

Exploits1References1

NVD•added 2018/09/14 7:29 a.m.•10 views

CVE-2018-17049

CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action...

6.1CVSS6AI score0.0028EPSS

Exploits1References1

CVE•added 2018/09/14 7:0 a.m.•36 views

CVE-2018-17049

CVE-2018-17049 affects CQU-LANKERS up to 2017-11-02. Vulnerability: cross-site scripting (XSS) via the public/api.php callback parameter in the uploadpic action. Root cause: unsanitized callback parameter leading to script injection. Impact: enables injection of client-side scripts (as documented...

6.1CVSS5.9AI score0.0028EPSS

Exploits1References1Affected Software1

Cvelist•added 2018/09/14 7:0 a.m.•8 views

CVE-2018-17049

CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action...

6AI score0.0028EPSS

Exploits1References1

Prion•added 2018/07/10 8:29 p.m.•11 views

Design/Logic Flaw

An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism...

4.3CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

NVD•added 2018/07/10 8:29 p.m.•8 views

CVE-2018-13865

An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism...

6.1CVSS6AI score0.0024EPSS

Exploits1References1

OSV•added 2018/07/10 8:29 p.m.•2 views

CVE-2018-13865

An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism...

6.1CVSS5.8AI score0.0024EPSS

Exploits1References1

Cvelist•added 2018/07/10 8:0 p.m.•14 views

CVE-2018-13865

An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism...

6AI score0.0024EPSS

Exploits1References1

myhack58•added 2011/02/04 12:0 a.m.•16 views

Shenzhen College of Information Technology V3. 0 injection vulnerability-vulnerability warning-the black bar safety net

Publishing author: xiaokis Affected version: V3. 0 Vulnerability type: SQL injection Vulnerability description: File: the newss. asp % on error resume next sql="update news set hits=hits+1 where id="&cstrrequest"id" conn. execute sql set rs=server. createobject"adodb. recordset" sql="select from...

7.4AI score

Exploits0

myhack58•added 2007/05/22 12:0 a.m.•71 views

Ray Chi-news publishing system(any version)exploit-vulnerability warning-the black bar safety net

Copyright to the vulnerability discoverer focn all, reproduced please keep the article intact, and indicate the source of! This article only do the study with, to any person for any illegal purpose himself does not bear any responsibility! Author: black radish System: ray Chi press release...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by