annyshow DuxCMS 2.1 Article edit content କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ

Rakkoon nageenyaa kan ସମସ୍ୟାଜନକ jedhamuun beekamu annyshow DuxCMS 2.1 keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii admin.php&r=article/AdminContent/edit keessa kutaa Article Handler keessa. Hojii jijjiirraa irratti gaggeeffame content gara କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-79 geessa. Dadhabbii kana yeroo 12/08/2022 maxxanfameera. Odeeffannoon kun buufachuuf gitee.com irratti qoodameera. Dogoggorri kun akka CVE-2020-36609tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Waliigalatti, meeshaa balaa kana fayyadamuuf jiru. Qorannoo miidhaa (exploit) uummataaf ifoomameera fi fayyadamamuu danda'a. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee ibsameera. Carraa exploit kana gitee.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. Akka fakkaatutti galmeen kun CVE-2020-36763 irra deebi'ee ramadame. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

4 ଆଡାପ୍ଟେସନ୍ · 66 ପଏଣ୍ଟ

ଫିଲ୍ଡସୃଷ୍ଟି ହୋଇଛି
12/08/2022 09:30 AM		ଅଦ୍ୟତନ 1/3
01/01/2023 01:56 PM		ଅଦ୍ୟତନ 2/3
01/01/2023 02:02 PM		ଅଦ୍ୟତନ 3/3
07/31/2023 06:56 PM
software_vendorannyshowannyshowannyshowannyshow
software_nameDuxCMSDuxCMSDuxCMSDuxCMS
software_version2.12.12.12.1
software_componentArticle HandlerArticle HandlerArticle HandlerArticle Handler
software_fileadmin.php&r=article/AdminContent/editadmin.php&r=article/AdminContent/editadmin.php&r=article/AdminContent/editadmin.php&r=article/AdminContent/edit
software_argumentcontentcontentcontentcontent
vulnerability_cweCWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)
vulnerability_risk1111
cvss3_vuldb_avNNNN
cvss3_vuldb_acLLLL
cvss3_vuldb_prHHHH
cvss3_vuldb_uiRRRR
cvss3_vuldb_sUUUU
cvss3_vuldb_cNNNN
cvss3_vuldb_iLLLL
cvss3_vuldb_aNNNN
cvss3_vuldb_ePPPP
cvss3_vuldb_rcRRRR
advisory_urlhttps://gitee.com/annyshow/DuxCMS2.1/issues/I183GGhttps://gitee.com/annyshow/DuxCMS2.1/issues/I183GGhttps://gitee.com/annyshow/DuxCMS2.1/issues/I183GGhttps://gitee.com/annyshow/DuxCMS2.1/issues/I183GG
exploit_availability1111
exploit_publicity1111
exploit_urlhttps://gitee.com/annyshow/DuxCMS2.1/issues/I183GGhttps://gitee.com/annyshow/DuxCMS2.1/issues/I183GGhttps://gitee.com/annyshow/DuxCMS2.1/issues/I183GGhttps://gitee.com/annyshow/DuxCMS2.1/issues/I183GG
source_cveCVE-2020-36609CVE-2020-36609CVE-2020-36609CVE-2020-36609
cna_responsibleVulDBVulDBVulDBVulDB
advisory_date1670454000 (12/08/2022)1670454000 (12/08/2022)1670454000 (12/08/2022)1670454000 (12/08/2022)
cvss2_vuldb_avNNNN
cvss2_vuldb_acLLLL
cvss2_vuldb_auMMMM
cvss2_vuldb_ciNNNN
cvss2_vuldb_iiPPPP
cvss2_vuldb_aiNNNN
cvss2_vuldb_ePOCPOCPOCPOC
cvss2_vuldb_rcURURURUR
cvss2_vuldb_rlNDNDNDND
cvss3_vuldb_rlXXXX
cvss2_vuldb_basescore3.33.33.33.3
cvss2_vuldb_tempscore2.82.82.82.8
cvss3_vuldb_basescore2.42.42.42.4
cvss3_vuldb_tempscore2.22.22.22.2
cvss3_meta_basescore2.42.43.43.4
cvss3_meta_tempscore2.22.23.33.3
price_0day$0-$5k$0-$5k$0-$5k$0-$5k
cve_assigned1670454000 (12/08/2022)1670454000 (12/08/2022)1670454000 (12/08/2022)
cve_nvd_summaryA vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215115.A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215115.A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215115.
cvss3_nvd_avNN
cvss3_nvd_acLL
cvss3_nvd_prLL
cvss3_nvd_uiRR
cvss3_nvd_sCC
cvss3_nvd_cLL
cvss3_nvd_iLL
cvss3_nvd_aNN
cvss3_cna_avNN
cvss3_cna_acLL
cvss3_cna_prHH
cvss3_cna_uiRR
cvss3_cna_sUU
cvss3_cna_cNN
cvss3_cna_iLL
cvss3_cna_aNN
cve_cnaVulDBVulDB
cvss3_nvd_basescore5.45.4
cvss3_cna_basescore2.42.4
cve_duplicateCVE-2020-36763

ପଛକୁସମୀକ୍ଷାଆହୁରି ଦୂରରେ

Interested in the pricing of exploits?

See the underground prices here!