Skip to main content

Antsword

3 CVEs product

Monthly

CVE-2020-18766 CRITICAL POC Act Now

A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotely execute system commands. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Antsword
NVD GitHub
CVSS 3.1
9.6
EPSS
1.1%
CVE-2020-25470 MEDIUM POC This Month

AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site funtion. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE Antsword
NVD GitHub
CVSS 3.1
6.1
EPSS
1.3%
CVE-2019-13970 npm MEDIUM POC PATCH This Month

In antSword before 2.1.0, self-XSS in the database configuration leads to code execution via modules/database/asp/index.js, modules/database/custom/index.js, modules/database/index.js, or. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS RCE PHP Antsword
NVD GitHub
CVSS 3.0
6.1
EPSS
1.9%
EPSS 1% CVSS 9.6
CRITICAL POC Act Now

A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotely execute system commands. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Antsword
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site funtion. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE Antsword
NVD GitHub
EPSS 2% CVSS 6.1
MEDIUM POC PATCH This Month

In antSword before 2.1.0, self-XSS in the database configuration leads to code execution via modules/database/asp/index.js, modules/database/custom/index.js, modules/database/index.js, or. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS RCE PHP +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy