Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (323561 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-14976 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/category.php has XSS.
CVE-2018-14975 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/album.php has XSS.
CVE-2018-14974 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS.
CVE-2018-14973 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has XSS.
CVE-2018-14972 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS.
CVE-2018-14971 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has XSS.
CVE-2018-14970 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/slideshow.php has XSS.
CVE-2018-14969 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS.
CVE-2018-14968 1 Emlsoft Project 1 Emlsoft 2024-11-21 N/A
An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection via the numPerPage parameter.
CVE-2018-14967 1 Emlsoft Project 1 Emlsoft 2024-11-21 N/A
An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via the numPerPage parameter.
CVE-2018-14966 1 Emlsoft Project 1 Emlsoft 2024-11-21 N/A
An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF.
CVE-2018-14965 1 Emlsoft Project 1 Emlsoft 2024-11-21 N/A
An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows CSRF.
CVE-2018-14964 1 Emlsoft Project 1 Emlsoft 2024-11-21 N/A
An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page.
CVE-2018-14963 1 Zzcms 1 Zzcms 2024-11-21 N/A
zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI.
CVE-2018-14962 1 Zzcms 1 Zzcms 2024-11-21 N/A
zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php.
CVE-2018-14961 1 Zzcms 1 Zzcms 2024-11-21 N/A
dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter.
CVE-2018-14960 1 Xiao5ucompany Project 1 Xiao5ucompany 2024-11-21 N/A
Xiao5uCompany 1.7 has CSRF via admin/Admin.asp.
CVE-2018-14959 1 Weaselcms Project 1 Weaselcms 2024-11-21 N/A
An issue was discovered in WeaselCMS v0.3.5. CSRF can create new pages via an index.php?b=pages&a=new URI.
CVE-2018-14958 1 Weaselcms Project 1 Weaselcms 2024-11-21 N/A
An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the theme, title, and description) via index.php.
CVE-2018-14957 1 Isweb 1 Isweb 2024-11-21 N/A
CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by moduli/downloadFile.php?file=oggetto_documenti/../.././inc/config.php (one can take the control of the application because credentials are present in that config.php file).