CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site request forgery CSRF in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting XSS attacks via the tongji parameter...

6.1CVSS6.4AI score0.00129EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:7 p.m.•3 views

CVE-2020-21658

A Cross-Site Request Forgery CSRF in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL...

6.5CVSS6.9AI score0.00117EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:18 p.m.•5 views

CVE-2020-21648

WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php...

9.1CVSS7.1AI score0.00356EPSS

Exploits1

NVD•added 2021/10/06 10:15 p.m.•9 views

CVE-2020-21658

A Cross-Site Request Forgery CSRF in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL...

6.5CVSS0.00117EPSS

Exploits1References1

NVD•added 2021/10/06 10:15 p.m.•11 views

CVE-2020-21648

WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php...

9.1CVSS0.00356EPSS

Exploits1References1

Prion•added 2021/10/06 10:15 p.m.•15 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery CSRF in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL...

4.3CVSS6.4AI score0.00117EPSS

Exploits1References1Affected Software1

Prion•added 2021/10/06 10:15 p.m.•12 views

Arbitrary file deletion

WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php...

6.4CVSS9.1AI score0.00356EPSS

Exploits1References1Affected Software1

CVE•added 2021/10/06 9:34 p.m.•33 views

CVE-2020-21658

The CVE-2020-21658 entry describes a CSRF vulnerability in WDJA CMS v1.5.2 that allows an attacker to arbitrarily add administrator accounts via a crafted URL. Affected product/version: WDJA CMS 1.5.2. Root cause: insufficient CSRF protection on account-creation/administrator-adding functionality...

6.5CVSS6.4AI score0.00117EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/10/06 9:34 p.m.•15 views

CVE-2020-21658

A Cross-Site Request Forgery CSRF in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL...

6.4AI score0.00117EPSS

Exploits1References1

Cvelist•added 2021/10/06 9:33 p.m.•10 views

CVE-2020-21648

WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php...

9.3AI score0.00356EPSS

Exploits1References1

CVE•added 2021/10/06 9:33 p.m.•39 views

CVE-2020-21648

CVE-2020-21648 affects WDJA CMS v1.5.2 with an arbitrary file deletion vulnerability in admin/cache/manage.php. The issue is documented across multiple sources (NVD/Red Hat/CVE). The root cause details are not provided beyond the vulnerability location; impact is deletion of arbitrary files. CVSS...

9.1CVSS9.1AI score0.00356EPSS

Exploits1References1Affected Software1

CNVD•added 2021/01/12 12:0 a.m.•1 views

Wdja Cross-Site Scripting Vulnerability

Wdja is a Php-based content management system from the Wdja team. A cross-site scripting vulnerability exists in WDJA CMS version 1.5, where the vulnerability tongji parameter does not do XSS filtering on user input, which can be exploited by an attacker to steal user credentials...

6.1CVSS5.8AI score0.00129EPSS

Exploits1References1

NVD•added 2021/01/11 8:15 p.m.•8 views

CVE-2020-23631

Cross-site request forgery CSRF in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting XSS attacks via the tongji parameter...

6.1CVSS6.3AI score0.00129EPSS

Exploits1References2

Prion•added 2021/01/11 8:15 p.m.•7 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting XSS attacks via the tongji parameter...

4.3CVSS6.2AI score0.00129EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/01/11 7:16 p.m.•10 views

CVE-2020-23631

Cross-site request forgery CSRF in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting XSS attacks via the tongji parameter...

6.3AI score0.00129EPSS

Exploits1References2

CVE•added 2021/01/11 7:16 p.m.•41 views

CVE-2020-23631

CVE-2020-23631 affects WDJA CMS 1.5, where a flaw in admin/global/manage.php allows CSRF that can enable cross-site scripting via the tongji parameter. The impact described is XSS; no exploitation details or patch/version remediation are provided in the supplied documents. If present, mitigation ...

6.1CVSS6.2AI score0.00129EPSS

Exploits1References2Affected Software1

CNNVD•added 2021/01/11 12:0 a.m.•1 views

Wdja 跨站脚本漏洞

6.1CVSS6.2AI score0.00129EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by