Lucene search
K

41 matches found

Nuclei
Nuclei
added yesterday16 views

shadoweb wdja v1.5.1 - Cross-Site Scripting

shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php. id: CVE-2020-20982 info: name: shadoweb wdja v1.5.1 - Cross-Site Scripting author:...

9.6CVSS7.4AI score0.06095EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-14416

Malware in sbrugna...

9.1CVSS9AI score0.01307EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-14426

Malware in sbrugna...

6.5CVSS6.6AI score0.00476EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-16374

Malware in sbrugna...

6.1CVSS6.3AI score0.00471EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-29167

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01039EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:33 p.m.6 views

CVE-2021-42185

wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function...

9.8CVSS7.9AI score0.01039EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:5 p.m.5 views

CVE-2020-20982

Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...

9.6CVSS6.6AI score0.06095EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:31 p.m.12 views

CVE-2020-23631

Cross-site request forgery CSRF in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting XSS attacks via the tongji parameter...

6.1CVSS6.4AI score0.00471EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:7 p.m.5 views

CVE-2020-21658

A Cross-Site Request Forgery CSRF in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL...

6.5CVSS6.9AI score0.00476EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:18 p.m.9 views

CVE-2020-21648

WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php...

9.1CVSS7.1AI score0.01307EPSS
Exploits1
CNVD
CNVD
added 2022/05/09 12:0 a.m.18 views

WDJA SQL Injection Vulnerability

Wdja is a Php-based content management system from the WDJA team. v2.1 of WDJA is vulnerable to SQL injection, which stems from the impact of a SQL injection vulnerability in the front-end search function. An attacker can exploit the vulnerability for SQL injection...

7.5CVSS3AI score0.01039EPSS
Exploits1Affected Software1
NVD
NVD
added 2022/05/04 12:15 p.m.12 views

CVE-2021-42185

wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function...

9.8CVSS0.01039EPSS
Exploits1References2
Prion
Prion
added 2022/05/04 12:15 p.m.11 views

Sql injection

wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function...

7.5CVSS9.7AI score0.01039EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/05/04 11:6 a.m.61 views

CVE-2021-42185

CVE-2021-42185 affects the PHP-based CMS WDJA v2.1, with a SQL injection in the foreground search function. The issue is documented across multiple sources (NVD entry notes a SQLi vulnerability in the front-end search; Red Hat and CNVD entries corroborate WDJA v2.1 exposure). CVSS data in the NVD...

9.8CVSS9.8AI score0.01039EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/04 11:6 a.m.19 views

CVE-2021-42185

wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function...

10AI score0.01039EPSS
Exploits1References2
OSV
OSV
added 2021/11/03 5:15 p.m.3 views

CVE-2020-20982

Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...

9.6CVSS7.5AI score
Exploits0References1
NVD
NVD
added 2021/11/03 5:15 p.m.19 views

CVE-2020-20982

Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...

9.6CVSS0.06095EPSS
Exploits0References1
Prion
Prion
added 2021/11/03 5:15 p.m.16 views

Cross site scripting

Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...

6.8CVSS8.6AI score0.06095EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/11/03 4:7 p.m.63 views

CVE-2020-20982

CVE-2020-20982 affects shadoweb wdja v1.5.1. The vulnerability is a Cross-Site Scripting (XSS) flaw in the backurl handling of /php/passport/index.php , potentially allowing an attacker to execute arbitrary scripts in the victim’s browser and escalate privileges within the user context. Affected ...

9.6CVSS8.7AI score0.06095EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/03 4:7 p.m.25 views

CVE-2020-20982

Cross Site Scripting XSS vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php...

8.8AI score0.06095EPSS
Exploits0References1
Rows per page
Query Builder