CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-2686

Malware in sbrugna...

8.8CVSS8.6AI score0.0681EPSS

Exploits2References4

RedhatCVE•added 2025/02/14 10:12 a.m.•4 views

CVE-2023-46694

Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager functionality...

8.1CVSS7.3AI score0.09077EPSS

Exploits1

NVD•added 2024/05/28 8:16 p.m.•8 views

CVE-2023-46694

8.1CVSS7AI score0.09077EPSS

Exploits1References1

Cvelist•added 2024/05/28 7:21 p.m.•20 views

CVE-2023-46694

7AI score0.09077EPSS

Exploits1References1

Vulnrichment•added 2024/05/28 7:21 p.m.•11 views

CVE-2023-46694

7.4AI score0.09077EPSS

Exploits1References1

Positive Technologies•added 2024/05/28 12:0 a.m.•2 views

PT-2024-13371 · Vtenext +1 · Vtenext +1

Name of the Vulnerable Software and Affected Versions: Vtenext version 21.02 Description: The issue allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication...

8.1CVSS7.8AI score0.09077EPSS

Exploits1References2

CNNVD•added 2024/05/28 12:0 a.m.•2 views

Vtenext 安全漏洞

Vtenext is a Customer Relationship Management system from the Italian company Vtenext that helps users manage the CRM process in their business activities. A security vulnerability exists in Vtenext version 21.02, which arises from the application's failure to implement proper authentication...

8.1CVSS7.2AI score0.09077EPSS

Exploits1References2

GithubExploit•added 2024/03/01 11:0 a.m.•76 views

Exploit for CVE-2023-46694

CVE-2023-46694 Discovered by: Federico Zambito with Innover...

8.1CVSS8.1AI score0.09077EPSS

Exploits1

CNVD•added 2020/09/15 12:0 a.m.•2 views

vtenext cross-site scripting vulnerability

vtenext is a unique open source CRM + BPM solution for comprehensive management of leads, contacts and customers. A cross-site scripting vulnerability exists in the Messaging module of vtenext version 19 CE. The vulnerability can be exploited to inject arbitrary JavaScript code via the "From" fie...

6.1CVSS6.4AI score0.00509EPSS

Exploits3References1

CNVD•added 2020/09/15 12:0 a.m.•2 views

vtenext file upload vulnerability

vtenext is a unique open source CRM + BPM solution for comprehensive management of leads, contacts and customers. A file upload vulnerability exists in vtenext version 19 CE. An attacker can exploit the vulnerability to upload a file with the extension .pht, which can be used for remote code...

8.8CVSS8.1AI score0.0681EPSS

Exploits2References1

NVD•added 2020/09/14 8:15 p.m.•9 views

CVE-2020-10227

A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...

6.1CVSS0.00509EPSS

Exploits3References3

OSV•added 2020/09/14 8:15 p.m.•1 views

CVE-2020-10227

A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...

6.1CVSS6.4AI score

Exploits0References3

NVD•added 2020/09/14 8:15 p.m.•11 views

CVE-2020-10228

A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...

8.8CVSS0.0681EPSS

Exploits2References3

OSV•added 2020/09/14 8:15 p.m.•1 views

CVE-2020-10229

A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...

8.8CVSS7.3AI score

Exploits0References3

OSV•added 2020/09/14 8:15 p.m.•1 views

CVE-2020-10228

A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...

8.8CVSS6.1AI score0.0681EPSS

Exploits2References3

NVD•added 2020/09/14 8:15 p.m.•8 views

CVE-2020-10229

A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...

8.8CVSS0.00397EPSS

Exploits3References3

Prion•added 2020/09/14 8:15 p.m.•13 views

Cross site request forgery (csrf)

A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts...

6.8CVSS8.6AI score0.00397EPSS

Exploits3References3Affected Software1

Prion•added 2020/09/14 8:15 p.m.•9 views

Cross site scripting

A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...

4.3CVSS6.2AI score0.00509EPSS

Exploits3References3Affected Software1

Prion•added 2020/09/14 8:15 p.m.•11 views

Unrestricted file upload

A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...

6.5CVSS8.8AI score0.0681EPSS

Exploits2References3Affected Software1

Cvelist•added 2020/09/14 7:58 p.m.•10 views

CVE-2020-10227

A cross-site scripting XSS vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email...

6.4AI score0.00509EPSS

Exploits3References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by