Skip to main content

Content Management System

17 CVEs product

Monthly

CVE-2025-7714 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. [CVSS 7.5 HIGH]

SQLi Content Management System
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-7713 HIGH This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows XSS Through HTTP Headers.This issue affects Content Management System (CMS): through 21072025. [CVSS 7.5 HIGH]

XSS Content Management System
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-15197 LOW POC Monitor

A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.

PHP Authentication Bypass File Upload News Buzz Content Management System
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-5633 MEDIUM POC This Month

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/users.php. The manipulation of the argument delete leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

PHP SQLi News Buzz Content Management System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5632 MEDIUM POC This Month

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/users.php. The manipulation of the argument change_to_admin leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

PHP SQLi Content Management System News Buzz
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-5631 HIGH POC This Week

Critical SQL injection vulnerability in the /publicposts.php file of Content Management System and News-Buzz version 1.0 by code-projects/anirbandutta9. The vulnerability allows unauthenticated remote attackers to inject arbitrary SQL commands through the 'post' parameter, potentially enabling unauthorized data access, modification, or deletion. A public exploit has been disclosed and the vulnerability is exploitable with low attack complexity, making it an active threat.

PHP SQLi Content Management System News Buzz RCE
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.1%
CVE-2025-29094 MEDIUM POC This Month

Cross Site Scripting vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Marketing/Forms, Marketing/Offers and Content/Pages components.

RCE XSS Content Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-29093 HIGH POC This Week

CVE-2025-29093 is an unauthenticated file upload vulnerability in Motivian Content Management System v41.0.0 that allows remote attackers to execute arbitrary code through the Content/Gallery/Images component. The vulnerability has a CVSS score of 8.2 with high integrity impact, affecting confidentiality and code execution capabilities. No authentication is required (PR:N) and exploitation is trivial (AC:L), making this a critical threat to unpatched instances.

File Upload RCE Content Management System
NVD GitHub
CVSS 3.1
8.2
EPSS
0.4%
CVE-2025-4311 MEDIUM POC This Month

A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Content Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-4310 MEDIUM POC This Month

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass File Upload Content Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-4301 MEDIUM POC This Month

A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Content Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-4300 MEDIUM POC This Month

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Content Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-0346 MEDIUM POC This Month

A vulnerability was found in code-projects Content Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Authentication Bypass PHP Content Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2024-10758 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP News Buzz Content Management System
NVD Exploit-DB GitHub VulDB
CVSS 4.0
6.9
EPSS
1.4%
CVE-2023-31816 MEDIUM POC This Month

IT Sourcecode Content Management System Project In PHP and MySQL With Source Code 1.0.0 is vulnerable to Cross Site Scripting (XSS) via /ecodesource/search_list.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Content Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-26565 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Totaljs all versions before commit 95f54a5commit, allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Content Management System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-25197 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in SourceCodester Content Management System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Content Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
EPSS 0% CVSS 7.5
HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. [CVSS 7.5 HIGH]

SQLi Content Management System
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows XSS Through HTTP Headers.This issue affects Content Management System (CMS): through 21072025. [CVSS 7.5 HIGH]

XSS Content Management System
NVD VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.

PHP Authentication Bypass File Upload +2
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/users.php. The manipulation of the argument delete leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

PHP SQLi News Buzz +1
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/users.php. The manipulation of the argument change_to_admin leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

PHP SQLi Content Management System +1
NVD GitHub VulDB
EPSS 0% CVSS 7.3
HIGH POC This Week

Critical SQL injection vulnerability in the /publicposts.php file of Content Management System and News-Buzz version 1.0 by code-projects/anirbandutta9. The vulnerability allows unauthenticated remote attackers to inject arbitrary SQL commands through the 'post' parameter, potentially enabling unauthorized data access, modification, or deletion. A public exploit has been disclosed and the vulnerability is exploitable with low attack complexity, making it an active threat.

PHP SQLi Content Management System +2
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Cross Site Scripting vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Marketing/Forms, Marketing/Offers and Content/Pages components.

RCE XSS Content Management System
NVD GitHub
EPSS 0% CVSS 8.2
HIGH POC This Week

CVE-2025-29093 is an unauthenticated file upload vulnerability in Motivian Content Management System v41.0.0 that allows remote attackers to execute arbitrary code through the Content/Gallery/Images component. The vulnerability has a CVSS score of 8.2 with high integrity impact, affecting confidentiality and code execution capabilities. No authentication is required (PR:N) and exploitation is trivial (AC:L), making this a critical threat to unpatched instances.

File Upload RCE Content Management System
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM POC This Month

A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Content Management System
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM POC This Month

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass File Upload +1
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Content Management System
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Content Management System
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM POC This Month

A vulnerability was found in code-projects Content Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Authentication Bypass PHP +1
NVD GitHub VulDB
EPSS 1% CVSS 6.9
MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP News Buzz +1
NVD Exploit-DB GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM POC This Month

IT Sourcecode Content Management System Project In PHP and MySQL With Source Code 1.0.0 is vulnerable to Cross Site Scripting (XSS) via /ecodesource/search_list.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Content Management System
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Totaljs all versions before commit 95f54a5commit, allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Content Management System
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in SourceCodester Content Management System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Content Management System
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy