10 matches found
CVE-2019-14352
In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists, as demonstrated by jw/web/userview/crmcommunity/crmuserviewsales//accountnew with the Account ID or Account Name field. NOTE: the vendor disputes the relevance of this finding because CSV is not the intended export...
CVE-2017-17778
Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter...
CVE-2017-17777
Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter...
CVE-2017-17778
Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter...
CVE-2017-17776
Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter...
CVE-2017-17776
Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter...
Paid To Read Script Cross-Site Scripting Vulnerability
PHP Scripts Mall Paid To Read Script is a set of paid to read website scripts by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Paid To Read Script version 2.0.5. A remote attacker can exploit this vulnerability by sending the 'tier' parameter to the...
PHP Scripts Mall Paid To Read Script SQL Injection Vulnerability
PHP Scripts Mall Paid To Read Script is a set of paid to read website scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Paid To Read Script version 2.0.5. A remote attacker can inject SQL into the Paid To Read Script 2.0.5 by sending the 'uid' parameter t...
SQL Injection
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter...
CVE-2006-2696
Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp...