Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 828 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-6451 CMS für Motorrad Werkstätten <= 1.0.0 - Cross-Site Request Forgery tholstkabelbwdePlugin: CMS für Motorrad Werkstätten Medium 4.3 2026-04-17 07:45:57 Deep Dive
CVE-2026-39393 Post-Installation Re-entry via Cache-Dependent Install Guard Bypass in ci4ms ci4-cms-erpci4ms High 8.1 2026-04-08 14:31:45 Deep Dive
CVE-2026-39389 CI4MS has a Hidden Items Authorization Bypass in Fileeditor Allows Reading Secrets and Writing Protected Files ci4-cms-erpci4ms Medium 6.7 2026-04-08 14:28:30 Deep Dive
CVE-2026-35035 CI4MS Company Information Public-Facing Page Full Platform Compromise & Full Account Takeover for All Roles & Privilege-Escalation via System Settings Company Information Stored DOM XSS ci4-cms-erpci4ms High 7.2 2026-04-06 16:49:10 Deep Dive
CVE-2026-34989 CI4MS affected by Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms--2026-04-06 16:25:54 Deep Dive
CVE-2019-25687 Pegasus CMS 1.0 Remote Code Execution via extra_fields.php wisdomPegasus CMS Critical 9.8 2026-04-05 20:45:36 Deep Dive
CVE-2016-20053 Redaxo CMS 5.2 Cross-Site Request Forgery via users endpoint RedaxoRedaxo CMS Medium 5.3 2026-04-04 13:50:58 Deep Dive
CVE-2016-20052 Snews CMS 1.7 Unrestricted File Upload via snews_files SnewscmsSnews CMS upload sheller Critical 9.8 2026-04-04 13:50:57 Deep Dive
CVE-2016-20051 Snews CMS 1.7 Cross-Site Request Forgery via changeup SnewscmsSnews CMS Cross Site Request Forgery Medium 5.3 2026-04-04 13:50:57 Deep Dive
CVE-2026-34572 CI4MS: Account Deactivation Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw) ci4-cms-erpci4ms High 8.8 2026-04-01 21:35:11 Deep Dive
CVE-2026-34571 CI4MS: Stored Cross‑Site Scripting (Stored XSS) in Backend User Management Allows Session Hijacking and Full Administrative Account Compromise ci4-cms-erpci4ms Critical 9.9 2026-04-01 21:32:17 Deep Dive
CVE-2026-34570 CI4MS: Account Deletion Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw) ci4-cms-erpci4ms High 8.8 2026-04-01 21:30:31 Deep Dive
CVE-2026-34569 CI4MS: Blogs Categories Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.9 2026-04-01 21:29:34 Deep Dive
CVE-2026-34568 CI4MS: Blogs Posts Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:28:56 Deep Dive
CVE-2026-34567 CI4MS: Blogs Posts (Categories) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:28:24 Deep Dive
CVE-2026-34566 CI4MS: Pages Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:27:01 Deep Dive
CVE-2026-34565 CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:26:22 Deep Dive
CVE-2026-34564 CI4MS: Menu Management (Pages) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:25:53 Deep Dive
CVE-2026-34563 CI4MS: Backup Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM Blind XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:25:14 Deep Dive
CVE-2026-34562 CI4MS: System Settings (Company Information) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Medium 4.7 2026-04-01 21:23:42 Deep Dive