CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

305 matches found

GithubExploit•added 2026/05/27 11:39 p.m.•52 views

poc-wondercms-360-xss

CVE — WonderCMS 3.6.0 Stored XSS via Search Widget Severity...

5.8AI score

Exploits0

Packet Storm•added 2026/03/04 12:0 a.m.•130 views

📄 WonderCMS 3.4.2 Shell Upload

Proof of concept exploit for an authentication shell upload vulnerability in WonderCMS version 3.4.2. ============================================================================================================================================= | Title : WonderCMS 3.4.2 Authenticated file upload...

6.1CVSS5.9AI score0.91079EPSS

Exploits16

RedhatCVE•added 2026/01/09 12:22 p.m.•5 views

CVE-2018-14387

An issue was discovered in WonderCMS before 2.5.2. An attacker can create a new session on a web application and record the associated session identifier. The attacker then causes the victim to authenticate against the server using the same session identifier. The attacker can access the user's...

8.8CVSS6.8AI score0.00244EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:35 a.m.•4 views

CVE-2024-41305

A Server-Side Request Forgery SSRF in the Plugins Page of WonderCMS v3.4.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter...

7.1CVSS7.3AI score0.00084EPSS

Exploits1References1

RedhatCVE•added 2025/12/13 8:2 p.m.•1 views

CVE-2024-58305

WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an...

8.8CVSS6.1AI score0.0007EPSS

Exploits0References1

EUVD•added 2025/12/12 9:31 p.m.•1 views

EUVD-2024-55351

8.8CVSS5.6AI score0.0007EPSS

Exploits0References5

NVD•added 2025/12/12 8:15 p.m.•2 views

CVE-2024-58305

8.8CVSS0.0007EPSS

Exploits0References4

OSV•added 2025/12/12 8:15 p.m.•0 views

CVE-2024-58305

8.6CVSS5.8AI score

Exploits0References4

Vulnrichment•added 2025/12/12 7:56 p.m.•1 views

CVE-2024-58305 WonderCMS 4.3.2 Cross-Site Scripting Remote Code Execution via Module Installation

8.8CVSS5.7AI score0.0007EPSS

Exploits0References4

CVE•added 2025/12/12 7:56 p.m.•5 views

CVE-2024-58305

WonderCMS 4.3.2 has a cross-site scripting vulnerability at the module installation endpoint. An attacker can craft a payload to inject JavaScript and trick an authenticated administrator into visiting a malicious link, enabling installation of a reverse shell module and remote command execution....

8.8CVSS5.7AI score0.0007EPSS

Exploits0References4

Cvelist•added 2025/12/12 7:56 p.m.•16 views

CVE-2024-58305 WonderCMS 4.3.2 Cross-Site Scripting Remote Code Execution via Module Installation

8.8CVSS0.0007EPSS

Exploits0References4

Positive Technologies•added 2025/12/12 12:0 a.m.•2 views

PT-2025-50972

Name of the Vulnerable Software and Affected Versions WonderCMS version 4.3.2 Description WonderCMS version 4.3.2 contains a cross-site scripting issue that allows attackers to inject malicious JavaScript through the module installation endpoint. An attacker can craft a specially designed XSS...

8.8CVSS5.8AI score0.0007EPSS

Exploits0References7

CNNVD•added 2025/12/12 12:0 a.m.•2 views

WonderCMS 跨站脚本漏洞

WonderCMS is an open source PHP-based content management system CMS from WonderCMS, Inc. A cross-site scripting vulnerability exists in WonderCMS version 4.3.2, which stems from the presence of cross-site scripting in the module installation endpoints, which could lead to the injection of malicio...

8.8CVSS6.4AI score0.0007EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-6305

Malware in sbrugna...

8.8CVSS8.8AI score0.00244EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-15524

Malware in sbrugna...

7.5CVSS6.5AI score0.00284EPSS

Exploits0References2