Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Dolphinphp ProjectDolphinphp

3 matches found

CVE
CVEadded 2022/03/29 5:50 a.m.72 views

CVE-2022-1086

DolphinPHP up to 1.5.0 is affected by a cross-site scripting vulnerability in the User Management Page. The issue stems from insufficient input/output data validation, allowing remote attacker exploitation and client-side JavaScript execution. Exploit information has been disclosed publicly. No r...

5.4CVSS4.3AI score0.00281EPSS
CVE
CVEadded 2023/02/21 9:19 a.m.60 views

CVE-2023-0935

CVE-2023-0935 affects DolphinPHP (up to 1.5.1) and stems from handling of the parameter id in the file common.php , enabling remote OS command injection . The issue is linked to an “Incomplete Fix CVE-2021-46097” and has had an exploit disclosed publicly; the associated vulnerability ID is VDB-22...

9.8CVSS7.8AI score0.05105EPSS
CVE
CVEadded 2022/08/19 4:45 p.m.55 views

CVE-2022-37254

Vulnerability summary: CVE-2022-37254 affects DolphinPHP 1.5.1 with a Cross Site Scripting (XSS) flaw reachable via the backend: Background → System → system function → Configuration Management. The issue is documented across multiple sources (NVD, CVE lists) with a CVSSv3.1 base score of 5.4 (Me...

5.4CVSS5.3AI score0.00209EPSS