Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.10 views

CVE-2024-26471

A reflected cross-site scripting XSS vulnerability in zhimengzhe iBarn v1.5 allows attackers to inject malicious JavaScript into the web browser of a victim via the search parameter in offer.php...

5.4CVSS5.6AI score0.0046EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:18 p.m.7 views

CVE-2020-20588

File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php...

8.8CVSS7.6AI score0.01218EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/06/17 12:0 a.m.5 views

PT-2024-27682 · Unknown · Zhimengzhe Ibarn

Name of the Vulnerable Software and Affected Versions: zhimengzhe iBarn version 1.5 Description: A reflected cross-site scripting XSS issue was discovered, which can be exploited via the search parameter at the "/index.php" API endpoint. This allows for potentially malicious scripts to be execute...

6.3CVSS5.5AI score0.00349EPSS
Exploits1References5
NVD
NVD
added 2024/02/29 1:44 a.m.13 views

CVE-2024-26471

A reflected cross-site scripting XSS vulnerability in zhimengzhe iBarn v1.5 allows attackers to inject malicious JavaScript into the web browser of a victim via the search parameter in offer.php...

5.4CVSS5.4AI score0.0046EPSS
Exploits0References2
OSV
OSV
added 2024/02/29 1:44 a.m.4 views

CVE-2024-26471

A reflected cross-site scripting XSS vulnerability in zhimengzhe iBarn v1.5 allows attackers to inject malicious JavaScript into the web browser of a victim via the search parameter in offer.php...

5.4CVSS5.7AI score0.0046EPSS
Exploits0References2
CVE
CVE
added 2024/02/27 12:0 a.m.86 views

CVE-2024-26471

CVE-2024-26471 describes a reflected cross-site scripting (XSS) vulnerability in the zhimengzhe iBarn v1.5, exploitable via the search parameter in offer.php. The documented risk is that an attacker could inject malicious JavaScript into a victim’s browser, enabling script execution in the contex...

5.4CVSS5.5AI score0.0046EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/27 12:0 a.m.12 views

CVE-2024-26471

A reflected cross-site scripting XSS vulnerability in zhimengzhe iBarn v1.5 allows attackers to inject malicious JavaScript into the web browser of a victim via the search parameter in offer.php...

5.7AI score0.0046EPSS
Exploits0References2
OSV
OSV
added 2022/12/15 7:15 p.m.1 views

CVE-2020-20588

File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php...

8.8CVSS6AI score0.01218EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/12/15 12:0 a.m.4 views

CVE-2020-20588

File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php...

7.8AI score0.01218EPSS
Exploits1References1
CVE
CVE
added 2022/12/15 12:0 a.m.63 views

CVE-2020-20588

CVE-2020-20588 affects zhimengzhe iBarn 1.5 via a file upload vulnerability in the upload function of action/Core.class.php, allowing remote code execution through avatar uploads to index.php. The NVD/NIST entry scores it CVSS 3.1 Base Score 8.8 (High) with network access, low attack complexity, ...

8.8CVSS8.8AI score0.01218EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder