CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2024/09/09 8:15 p.m.•12 views

CVE-2024-44725

AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php...

7.2CVSS0.00107EPSS

Vulnrichment•added 2024/09/09 12:0 a.m.•9 views

CVE-2024-44725

AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php...

8.3AI score0.00107EPSS

Cvelist•added 2024/09/09 12:0 a.m.•14 views

CVE-2024-44724

0.00124EPSS

Cvelist•added 2024/09/09 12:0 a.m.•8 views

CVE-2024-44725

AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php...

0.00107EPSS

Vulnrichment•added 2024/09/09 12:0 a.m.•11 views

CVE-2024-44724

8.4AI score0.00124EPSS

CVE•added 2024/09/09 12:0 a.m.•45 views

CVE-2024-44725

AutoCMS v5.4 is affected by a SQL injection in the sidebar parameter of /admin/robot.php. This CVE (CVE-2024-44725) is documented with a high impact (C/H I/H A/H) and CVSS v3.1 score of 7.2. Root cause: lack of input validation in the sidebar parameter leading to SQL statement manipulation. Explo...

7.2CVSS7.9AI score0.00107EPSS

Exploits1References1Affected Software1

CVE•added 2024/09/09 12:0 a.m.•53 views

CVE-2024-44724

AutoCMS v5.4 is affected by a PHP code injection vulnerability exposed via the txtsite_url parameter in /admin/site_add.php. Exploitation allows executing arbitrary PHP code, as described across multiple sources (e.g., Red Hat and CNNVD entries). The issue is tied to an input parameter in the API...

7.2CVSS8.1AI score0.00124EPSS

Exploits1References1Affected Software1

Prion•added 2023/06/26 7:15 p.m.•14 views

Cross site scripting

Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf...

4.9CVSS5.6AI score0.0068EPSS

Exploits0References1Affected Software2

Cvelist•added 2023/06/20 12:0 a.m.•7 views

CVE-2020-21486

SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the userlist function in framerwork/phpokcall.php file...

7.5AI score0.00052EPSS

NVD•added 2023/02/24 4:15 p.m.•9 views

CVE-2021-35370

An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the incomplete filtering function...

9.8CVSS9.8AI score0.03903EPSS

Prion•added 2023/02/24 4:15 p.m.•11 views

Design/Logic Flaw

An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the incomplete filtering function...

7.5CVSS9.7AI score0.03903EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/02/24 12:0 a.m.•12 views

CVE-2021-35370

An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the incomplete filtering function...

10AI score0.03903EPSS

OSV•added 2023/01/17 7:9 p.m.•7 views

GSD-2023-1001387 usb: roles: fix of node refcount leak in usb_role_switch_is_parent()

usb: roles: fix of node refcount leak in usbroleswitchisparent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

OSV•added 2023/01/17 6:58 p.m.•9 views

GSD-2023-1001267 fs: ext4: initialize fsdata in pagecache_write()

fs: ext4: initialize fsdata in pagecachewrite This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

OSV•added 2023/01/17 6:58 p.m.•11 views

GSD-2023-1001265 ext4: fix reserved cluster accounting in __es_remove_extent()

ext4: fix reserved cluster accounting in esremoveextent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

OSV•added 2023/01/17 6:35 p.m.•7 views

GSD-2023-1001072 usb: roles: fix of node refcount leak in usb_role_switch_is_parent()

OSV•added 2023/01/17 4:6 p.m.•10 views

GSD-2023-1000152 mm/khugepaged: take the right locks for page table retraction

mm/khugepaged: take the right locks for page table retraction This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.83 by commit...

OSV•added 2022/12/08 3:11 a.m.•5 views

GSD-2022-1008160 can: j1939: j1939_send_one(): fix missing CAN header initialization

can: j1939: j1939sendone: fix missing CAN header initialization This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.225 by commit...

OSV•added 2022/12/08 2:56 a.m.•10 views

GSD-2022-1008025 kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case

kprobes: Skip clearing aggrprobe's posthandler in kprobe-on-ftrace case This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.156 by commit...