CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Cacti v1.2.8 - Remote Code Execution

Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if "Guest Realtime Graphs" privileges are enabled. id: CVE-2020-8813 info: name: Cacti v1.2.8 - Remote Code Execution author: gy741 severity: high description: Cacti v1.2.8 is...

9.3CVSS7.1AI score0.93591EPSS

Exploits24References5

Prion•added 2022/12/09 10:15 p.m.•13 views

Design/Logic Flaw

User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted...

5CVSS5.4AI score0.00454EPSS

Exploits1References1Affected Software1

CVE•added 2022/12/09 12:0 a.m.•54 views

CVE-2022-45292

CVE-2022-45292 affects Funkwhale v1.2.8. The vulnerability is that user invites do not permanently expire after signup and invites can be reused after the associated account is deleted, enabling potential reuse of invitations and account abuse. The connected PT-2022-27460 entry provides the affec...

5.3CVSS5.4AI score0.00454EPSS

Exploits1References1Affected Software1

NVD•added 2022/04/12 5:15 p.m.•8 views

CVE-2022-27260

An arbitrary file upload vulnerability in the file upload component of ButterCMS v1.2.8 allows attackers to execute arbitrary code via a crafted SVG file...

9.8CVSS0.00618EPSS

Exploits1References4

Prion•added 2022/04/12 5:15 p.m.•13 views

Design/Logic Flaw

An arbitrary file upload vulnerability in the file upload component of ButterCMS v1.2.8 allows attackers to execute arbitrary code via a crafted SVG file...

7.5CVSS9.5AI score0.00618EPSS

Exploits1References4Affected Software1

Japan Vulnerability Notes•added 2021/07/08 12:0 a.m.•22 views

JVN#48413554: WordPress Plugin "WordPress Meta Data Filter & Taxonomies Filter" vulnerable to cross-site request forgery

WordPress Plugin "WordPress Meta Data Filter & Taxonomies Filter" provided by realmag777 contains a cross-site request forgery vulnerability CWE-352. Impact If a user with an administrative privilege views a malicious page while logged in, unintended operations may be performed. Solution Update t...

8.8CVSS8.7AI score0.00147EPSS

Exploits0

GithubExploit•added 2021/05/28 5:55 p.m.•60 views

Exploit for OS Command Injection in Cacti

CVE-2020-8813 Cacti v1.2.8 Unauthenticated Remote Code Executi...

9.3CVSS8.9AI score0.93591EPSS

Exploits24

Vulnerability Lab•added 2020/05/08 12:0 a.m.•43 views

cpCommerce v1.2.8 - (id_document) Blind SQL Injection

Document Title: =============== cpCommerce v1.2.8 - iddocument Blind SQL Injection References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2254 Release Date: ============= 2020-05-08 Vulnerability Laboratory ID VL-ID: ==================================== 2254...

7.4AI score

Exploits0

Exploit DB•added 2020/03/02 12:0 a.m.•570 views

Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)

Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Date: 2020-02-29 Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module requires Metasploit: https://metasploit.com/download Current...

9.3CVSS8.8AI score0.93591EPSS

Exploits24

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by