Lucene search
+L

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-10438

Malware in sbrugna...

4.8CVSS5.1AI score0.00559EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-10440

Malware in sbrugna...

4.8CVSS5.1AI score0.00559EPSS
Exploits1References2
Prion
Prion
added 2018/11/11 5:29 p.m.21 views

Directory traversal

statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file...

6.4CVSS7.5AI score0.01449EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/11/11 5:29 p.m.4 views

CVE-2018-19181

statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file...

7.5CVSS5.9AI score0.01449EPSS
Exploits1References1
Prion
Prion
added 2018/11/11 5:29 p.m.22 views

Code injection

statics/app/index/controller/Install.php in YUNUCMS 1.1.5 if install.lock is not present allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DBPREFIX field, which is written to database.php...

7.5CVSS9.7AI score0.01508EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/11/11 5:0 p.m.30 views

CVE-2018-19180

statics/app/index/controller/Install.php in YUNUCMS 1.1.5 if install.lock is not present allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DBPREFIX field, which is written to database.php...

9.8AI score0.01508EPSS
Exploits1References1
OSV
OSV
added 2018/10/29 12:29 p.m.4 views

CVE-2018-18726

An XSS issue was discovered in admin/sitelink/editsitelink?id=16 in YUNUCMS 1.1.5...

4.8CVSS5.8AI score0.00559EPSS
Exploits1References1
Prion
Prion
added 2018/10/29 12:29 p.m.16 views

Cross site scripting

An XSS issue was discovered in admin/link/editlink?id=5 in YUNUCMS 1.1.5...

3.5CVSS4.8AI score0.00559EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/10/29 12:29 p.m.17 views

Cross site scripting

An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS 1.1.5...

3.5CVSS4.8AI score0.00559EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/10/28 12:0 a.m.50 views

CVE-2018-18725

Summary: CVE-2018-18725 is a cross-site scripting vulnerability affecting YUNUCMS 1.1.5, specifically in the path admin/banner/editbanner?id=20. The connected documents confirm an XSS issue in that component. NVD references assign CVSS scores: CVSS v2 base 3.5 (LOW) and CVSS v3 base 4.8 (MEDIUM),...

4.8CVSS4.9AI score0.00559EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder