Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.9 views

CVE-2023-29839

A Stored Cross Site Scripting XSS vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function...

5.4CVSS5.9AI score0.00663EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/25 8:4 p.m.8 views

CVE-2025-27146 Matrix IRC Bridge allows IRC command injection to own puppeted user

matrix-appservice-irc is a Node.js IRC bridge for Matrix. The matrix-appservice-irc bridge up to version 3.0.3 contains a vulnerability which can lead to arbitrary IRC command execution as the puppeted user. The attacker can only inject commands executed as their own IRC user. The vulnerability h...

2.7CVSS4.3AI score0.00354EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/06 9:35 p.m.34 views

CVE-2024-36775

A cross-site scripting XSS vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page...

0.00333EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/07/06 12:0 a.m.5 views

Monstra CMS 跨站脚本漏洞

Monstra is a lightweight content management system CMS. A cross-site scripting vulnerability exists in Monstra version 3.0.4. The vulnerability can be exploited to conduct cross-site scripting attacks via the page function in admin/index.php...

5.4CVSS5.1AI score0.01885EPSS
Exploits1References2
OSV
OSV
added 2018/02/02 9:29 a.m.12 views

CVE-2018-6550

Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php...

5.4CVSS5.2AI score
Exploits0References2
Rows per page
Query Builder