Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

seebug.org
seebug.orgadded 2014/03/25 12:0 a.m.45 views

CMSimple '/whizzywig/wb.php'跨站脚本漏洞

Bugtraq ID:66312 CVE ID:CVE-2014-2219 CMSimple是一个国外开源的简易内容管理系统。 CMSimple不正确过滤传递给"/whizzywig/wb.php"脚本的"d" HTTP GET参数数据,允许攻击者构建恶意URI,诱使用户解析,可获得敏感Cookie,劫持会话或在客户端上进行恶意操作。 0 CMSimple 3.54 用户可参考如下厂商提供的安全补丁以修复该漏洞: http://sourceforge.net/projects/cmsimple-le/files/cmsimpleclassic/ !/usr/bin/env python...

4.3CVSS6.6AI score0.00254EPSS
Exploits3
Cvelist
Cvelistadded 2014/03/20 4:0 p.m.14 views

CVE-2014-2219

Cross-site scripting XSS vulnerability in whizzywig/wb.php in CMSimple Classic 3.54 and earlier, possibly as downloaded before February 26, 2014, allows remote attackers to inject arbitrary web script or HTML via the d parameter...

5.7AI score0.00254EPSS
Exploits3References3
Rows per page
Query Builder