CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Prion•added 2023/01/26 9:18 p.m.•14 views

Sql injection

Tuzicms v2.0.6 was discovered to contain a SQL injection vulnerability via the component \App\Manage\Controller\UserController.class.php...

7.5CVSS9.7AI score0.0025EPSS

Exploits1References1Affected Software1

CNVD•added 2021/11/16 12:0 a.m.•19 views

ShowDoc Cross-Site Request Forgery Vulnerability

ShowDoc is an open source tool for IT teams to share documents online. ShowDoc is vulnerable to cross-site request forgery, which stems from the lack of effective filtering and restriction of cookies set in the software's UserController.class.php, and can be exploited by attackers to cause...

5.8CVSS3.7AI score0.00112EPSS

Exploits1References1

Veracode•added 2021/11/15 4:27 a.m.•23 views

Cross-site Request Forgery (CSRF)

showdoc/showdoc is vulnerable to cross-site request forgery. The vulnerability exists through the register function in UserController.class.php, allowing an attacker to add any member to the team...

5.4CVSS4AI score0.00112EPSS

Exploits1References3Affected Software1