Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-44022
CRITICAL CVSS 9.8
Find Similar
An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin mechanism.
Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code through insu
CVE-2025-29306
CRITICAL CVSS 9.8
Find Similar
An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component.
Vvveb CMS 1.0.8.2 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system commands by uploading a PHP websh
An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component
Vvveb before 1.0.8.2 contains an unauthenticated reflected cross-site scripting vulnerability in the visual editor preview renderer that allows attackers to execute arbitrary JavaScript by manipulatin
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.1, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Vvveb CMS comm
A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. T
A vulnerability was identified in givanz Vvveb up to 1.0.7.2. Affected by this issue is some unknown functionality of the component SVG File Handler. Such manipulation leads to cross site scripting. T
A vulnerability has been found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/index.php?module=content/post&type=post of the component Endpoint. The manipu
CVE-2026-6257
CRITICAL CVSS 9.2
Find Similar
Vvveb CMS v1.0.8.2 contains a remote code execution vulnerability in its media management functionality where a missing return statement in the file rename handler allows authenticated attackers to re
A weakness has been identified in givanz Vvveb up to 1.0.7.2. This vulnerability affects unknown code. Executing manipulation can lead to cross-site request forgery. The attack can be executed remotel
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, This vulnerability is fixed in 1.0.8.3.
An issue in Via Browser 6.1.0 allows a a remote attacker to execute arbitrary code via the mark.via.Shell component.
A vulnerability was determined in givanz Vvveb up to 1.0.7.2. Affected by this vulnerability is an unknown functionality of the component Configuration File Handler. This manipulation causes informati
An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, there is an unauthenticated reflected cross-site scripting (XSS) issue in the
A vulnerability was found in vBulletin 6.x. This impacts an unknown function of the component Login. Performing a manipulation results in cross site scripting. It is possible to initiate the attack re
A Cross-site scripting (XSS) vulnerability in /api_vedo/ in Vedo Suite version 2024.17 allows remote attackers to inject arbitrary Javascript or HTML code and potentially trigger code execution in vic
Page 1+ Next →