CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads...

9.8CVSS7.4AI score0.01308EPSS

Exploits1References1

NVD•added 2019/11/05 9:15 p.m.•6 views

CVE-2011-1134

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager...

9.8CVSS8.7AI score0.05004EPSS

Exploits0References4

NVD•added 2019/11/05 9:15 p.m.•7 views

CVE-2011-1133

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php...

6.1CVSS6.2AI score0.00863EPSS

Exploits0References4

Prion•added 2019/11/05 9:15 p.m.•11 views

Cross site scripting

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php...

4.3CVSS6.8AI score0.00863EPSS

Exploits0References4Affected Software1

UbuntuCve•added 2019/11/05 9:15 p.m.•15 views

CVE-2011-1135

6.1CVSS6.7AI score0.00863EPSS

Exploits0References2

UbuntuCve•added 2019/11/05 9:15 p.m.•16 views

CVE-2011-1133

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php...

6.1CVSS6.7AI score0.00863EPSS

Exploits0References2

UbuntuCve•added 2019/11/05 9:15 p.m.•18 views

CVE-2011-1134

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager...

9.8CVSS7.6AI score0.05004EPSS

Exploits0References2

Prion•added 2019/11/05 9:15 p.m.•12 views

Cross site scripting

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php...

4.3CVSS6.8AI score0.00863EPSS

Exploits0References4Affected Software1

Prion•added 2019/11/05 9:15 p.m.•10 views

Cross site scripting

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager...

7.5CVSS6.7AI score0.05004EPSS

Exploits0References4Affected Software1

Cvelist•added 2019/11/05 8:10 p.m.•8 views

CVE-2011-1135

6.2AI score0.00863EPSS

Exploits0References4

CVE•added 2019/11/05 8:10 p.m.•39 views

CVE-2011-1135

CVE-2011-1135 affects Xinha as included in Serendipity before 1.5.5. The vulnerability is a Cross-Site Scripting (XSS) in certain plugins (ExtendedFileManager/manager.php and ImageManager/manager.php). The issue enables remote attackers to execute arbitrary code within the context of the affected...

6.1CVSS6.1AI score0.00863EPSS

Exploits0References4Affected Software1

Debian CVE•added 2019/11/05 8:10 p.m.•16 views

CVE-2011-1135

Removed by vendor...

6.1CVSS6.4AI score0.00863EPSS

Exploits0

Cvelist•added 2019/11/05 8:7 p.m.•7 views

CVE-2011-1134

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager...

8.7AI score0.05004EPSS

Exploits0References4

CVE•added 2019/11/05 8:7 p.m.•38 views

CVE-2011-1134

CVE-2011-1134 describes a Cross-Site Scripting (XSS) flaw in the Xinha editor bundled with Serendipity before version 1.5.5. The root cause is insufficient validation of client-side data by the web application, enabling remote attackers to execute arbitrary code in the image manager. Affected sof...

9.8CVSS8.5AI score0.05004EPSS

Exploits0References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by