Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/09/25 2:54 a.m.3 views

CVE-2025-59821

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, DNN’s URL/path handling and template rendering can allow specially crafted input to be reflected into a user profile that is returned to the browser. In these cases,...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.11 views

PT-2025-27826 · Bolt Cms · Bolt Cms

Name of the Vulnerable Software and Affected Versions: Bolt CMS versions 3.7.0 and earlier Description: The issue allows an authenticated user to achieve remote code execution. This is done by injecting arbitrary PHP code into the displayname field of the user profile, which is rendered unsanitiz...

7.5CVSS7.2AI score0.02148EPSS
Exploits1References13
OSV
OSV
added 2024/02/06 8:16 p.m.0 views

CVE-2024-22238

Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization...

4.8CVSS5.3AI score
Exploits0References1
Cvelist
Cvelist
added 2023/03/02 6:48 p.m.43 views

CVE-2023-26055 XWiki Commons may allow privilege escalation to programming rights via user's first name

XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability can also be exploited in all other places...

9.9CVSS9.6AI score0.01163EPSS
Exploits1References4
seebug.org
seebug.org
added 2008/07/14 12:0 a.m.15 views

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

No description provided by source. ================================================= MFORUM 0.1a Arbitrary Add-Admin Vulnerability ================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/07/13 12:0 a.m.26 views

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

Exploit for unknown platform in category web applications ============================================= MFORUM 0.1a Arbitrary Add-Admin Vulnerability ============================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

7.1AI score
Exploits0
Rows per page
Query Builder